1 


Distributed Control Systems and Process Plants 


MARK NIXON 


PARTIAL LIST OF SUPPLIERS 

ABB (www.abb.com) 

Emerson (www.emerson.com) 

Invensys (www.invensys.com) 

Honeywell (http://honeywell.com) 

Rockwell Automation (www.rockwellautomation.com) 
Siemens (www.siemens.com) 

Yokogawa (www.yokogawa.com) 

Schneider Electric (www.schneider-electric.com) 

General Electric (www.ge.com) 

Ametek EIG (www.ametek.com) 

ThermonElectron Measurement & Control 
(www.thermoscientific.com) 

FlowServe Flow Control Division (www.flowserve.com) 
Roper Industries Industrial Technology (www.roperind.com) 
Spectris (www.roperind.com) 

MKS Instruments (www.mksinst.com) 

Danaher Industrial Technologies (www.danaher.com) 
National Instruments (www.ni.com) 

Phoenix Contact (www.phoenixcontact.com) 

Omron (www.omron.com) 

Metso Automation (www.metsoautomation.com) 

Endress + Hauser (www.endress.com) 

Turck (www.turck-usa.com) 

Aspen Technology (www.aspentech.com) 

Yamatake (www.yamatakeusa.com) 

Teledyne Instruments (www.teledyneinstruments.com) 
Weidmuller (www.weidmuller.com) 

OSIsoft (www.osisoft.com) 

Pepperl + Fuchs (www.pepperl-fuchs.com) 

MTL Instruments Group (www.mtl-inst.com) 

Dresser Industrial (www.dresser.com) 

Badger Meter (www.badgermeter.com) 

Bristol Babcock (www.babcock.co.uk) 

MSA (www.msanet.com) 

CCI (www.ccivalve.com) 

IFM Efector (www.ifmefector.com) 

Parker Industrial (www.parker.com) 

Mettler-Toledo (www.us.mt.com) 

Magnetrol (www.magnetrol.com) 

Ohmart-Vega (www.ohmartvega.com) 

Tyco Flow Control (www.tycoflowcontrol.com) 

Matrikon (www.matrikon.com) 


SPX Valves & Controls (www.spxflowtechnology.com) 
Iconics (www.iconics.com) 

Horiba (www.horiba.com) 

Prime Measurement Products (www.prime-measurement.com) 
Burkert (www.burkert.com.au) 

Cashco (www.cashco.com) 

FMC (www.fmctechnologies.com) 

DEFINITIONS 

Plant Area : A functional grouping of equipment within 
a plant. 

Continuous Process'. A process that continuously processes 
raw materials into a product using feedback control. 
Batch Process'. A process that procedurally processes 
materials into a product using a series of discrete steps. 
Multi-Loop Controller. Device used to measure or control 
multiple parameters. 

Fieldbus'. AS-Interface, DeviceNet, Foundation Fieldbus, 
Profibus. 

Network'. IEEE 802.3 (Ethernet) 10 baseT or dual-speed 
10/100 BaseT network, depending on the hubs or 
switches, shielded twisted-pair cable connects each 
node to the hub or switch; maximum cable length 
from the hub/switch to a node is 100 m. For longer dis- 
tances, use a fiber-optic solution. 

Plant Operator. Person responsible for the day-to-day 
operation of one or more process areas within a plant. 
Control Room : Location in a plant used to manage and 
control the operation of the process. 

Cycle Times: Sample interval cycles times range from 
0.02 to 0.2 s/cycle for dedicated loop controllers and 
from 0.1 to 1 s/cycle for multi-loop unit operation 
controllers. Scan periods can be fixed or individually 
specified for each loop. 

SUMMARY 

Distributed control systems (DCS) are used in manufac- 
turing and process industries such as chemical, specialty 
chemical, petrochemical, refining, pharmaceutical, food and 
beverage, power, cement, water and wastewater, oil and gas, 
pulp and paper, steel plants, and many others. The provided 


© 2012 by Bela Liptak 


6 Process Control and Automation 


automations are used for batch, fed-batch, and continuous 
processes. DCS installations can be used within a single site 
or compounded sites in the same area or extended through- 
out a country or the world by the use of microwave, satellite, 
Internet, and other technologies that incorporate remote loca- 
tions. The most recent systems include options for optical, 
wired, and wireless infrastructures. The focus of the chapter 
is on DCS architecture, classification of process and manu- 
facturing systems, networks, and network integration. 

The current technology in communication and embed- 
ded systems allows products and production resources to 
play a more active role in the production process. This new 
active capacity generates major changes in organizations and 
information systems, that is, enterprise resource planning 
(ERP) and manufacturing execution systems (MES). New 
approaches are applied for modeling, testing, and assessing 
the features, made possible by the decisional and informa- 
tional capabilities of the new active entities. Also, the recent 
advances in microelectronics, computers, embedded control 
systems, and software allow significantly enhanced function- 
ality, complexity, and scalability in process plants. These will 
be discussed in this chapter and indeed throughout the book. 

INTRODUCTION 

Plant location and layout, construction, process equipment, 
manufacturing requirements, regulations, standards, and tech- 
nology have all influenced how control systems have evolved. 
This section provides an overview of processes, plants, termi- 
nology that is commonly used in discussing control systems, 
and gives information on how control systems have evolved. 

Plant Structure 

The physical location of the plant often dictates the approach 
that must be taken in the plant design and materials of con- 
struction. For example, in pulp and paper mills located in 
many parts of North America, it is quite common to con- 
struct enclosures around the process so that even the largest 
pieces of equipment, such as continuous digesters that are 
over 300 ft tall, are not visible from outside the plant. These 
enclosures protect the process from low temperatures that 
may drop to less than -30°F in the wintertime. In other indus- 
try segments, such as pharmaceutical manufacturing where 
high-value products may be produced, equipment enclosures 
provide a clean room environment supported by special air 
handling systems to keep the temperature, humidity, and air 
quality within desired limits. Thus, depending on the plant 
location and the type of product produced, the processing 
equipment may be contained in buildings. 

In contrast to these examples of enclosed plant construc- 
tion, in more moderate climate, some or all of the process 
equipment associated with a plant may be located in the open 
with no protection from the outside elements. In these cases, 
the process equipment must be designed to operate without 


disruption in spite of changes in outside air temperature 
and the occasional rain storms. The primary motivation 
for this type of open construction is the safety and savings 
achieved by eliminating the housing for process equipment. 
Open air structures provide dispersion of flammable vapors 
and dissipation of explosive forces. In many process indus- 
try segments, such as chemical and refining with hazardous 
materials, it is common to locate the plant in a region char- 
acterized by a moderate climate and for some or all of the 
process equipment to be in the open. Thus, the physical con- 
struction and appearance of a plant will differ depending on 
the location of the plant and the products. Plants are designed 
to meet some financial objective and where possible, the con- 
struction cost is minimized by the selection of the plant site. 
When there is no need for the protection provided by a build- 
ing, the equipment will be located outside. 

When equipment is located in the open, additional 
precautions are often taken to minimize heat loss. Also, 
additional protection may be required to protect the wir- 
ing associated with the field instrumentation that is used to 
measure the process conditions such as pressure, tempera- 
ture, flow and level, and actuators that are used to regulate 
flow through the process. For example, the process lines that 
carry fluid and gas throughout the process are commonly 
encased by a layer of heavy insulation. To secure the insula- 
tion and provide added protection from physical damage, it 
is quite common to install a thin metallic covering such as 
stainless steel over the insulation. Thus, when viewing the 
plant from a distance, it may appear that the process lines are 
large stainless steel pipes but are in fact much smaller pipes 
that have been insulated. Also, other process equipment such 
as reactors, and heat exchanges that operate at elevated tem- 
peratures, will normally be insulated to minimize heat loss 
and thus improve overall operating efficiency. Even storage 
tanks in the plant may be insulated if the material in the tank 
is normally above ambient temperature. In locations where 
the outside temperature may drop below freezing, then when 
using open construction, it is often necessary to include elec- 
trical heating bands or small steam lines, known as steam 
tracing, around the process and instrumentation sensing 
lines to ensure the material in these lines does not freeze. 

Plant Organization 

In most plants, the processing equipment within the plant is 
organized into functional groupings known as process areas. 
Thus, if a person in the plant is given directions on how to 
reach a piece of equipment in the plant, then these directions 
may include a reference to the plant area where the equip- 
ment is located. For example, in a pulping process, the area 
associated with bleaching or log processing might be referred 
to as the "bleaching” or “woodyard” areas of the plant. Area 
names are normally assigned during plant design to make 
it easier to discuss or reference different parts of the plant. 
Areas are normally further subdivided by units and equip- 
ment. This relationship between a plant site, areas, units, 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 1 



The scope of a single DCS will be a single 
process site. 


A process site is divided into one or more named 
plant areas. Control strategies within an area 
must be uniquely tagged. 


A plant area can contain multiple units. A 
unit can contain equipment modules and 
control modules. 


A area or unit can contain multiple 
equipment modules. An equipment module 
can contain other equipment modules, control 
modules, and function blocks. The control for 
an equipment module is described in terms of 
SFCs and function blocks. 

A control module may be contained by an 
area, a unit, an equipment module, or by 
another control module. A control module 
may contain other control modules or function 
blocks. 


TO. 7.7 

Physical equipment hierarchy. 


TABLE 1.1 

Commonly Used Hierarchies 


Hierarchy 

Description 


Control 
Control system 
Operations 
Physical plant 


In most DCS systems, the control hierarchy closely follows the S88 hierarchy. The S88 hierarchy includes site, area, unit, 
equipment module, control module, and control element. 

The DCS consists of operator/configuration stations, host computers, controllers, 10 devices, smart devices, gateways, etc. The 
association between these pieces of equipment is captured by the plant network, area control network, and 10 network. 

The operations hierarchy is used by both the operator and the maintenance engineers as a primary means to find displays, reports, 
and other items they use to perform their jobs. 

The physical plant hierarchy is used by the maintenance engineers and technicians as a primary means to see physical 
relationships (location) and navigate maintenance information about plant instruments and equipment. 


and equipment is usually modeled using the S88 equipment 
model as shown in Figure 1.1. 

In addition to the physical plant hierarchy, it is common to 
use other hierarchies to help organize systems. Four commonly 
used organizations that are used are summarized in Table 1.1. 

Plant Operators 

Many plants in the process industry represent a capital invest- 
ment of many hundreds of millions of dollars. Achieving the 
desired return on investment in a plant depends heavily on 
consistently achieving the production targets that were the 
basis of the plant design. The people within a plant who are 
ultimately responsible for the minute-to-minute operations are 
the plant operators. Thus, the plant operators play a key role in 


a plant’s operation and its commercial success. The operator’s 
job is to insure correct operation in one or more process areas 
under all processing conditions. Also, the operator is responsi- 
ble for changing area production rates to achieve planned pro- 
duction targets. If production in a process area is not on target 
and/or equipment is damaged due to improper action being 
taken in plant operation, then the operator responsible for this 
area of the plant stands a good chance of receiving a repri- 
mand. An important part of the plant operator’s job is to con- 
stantly monitor the process operation and to work through the 
control system to make the adjustments necessary to maintain 
correct operating conditions and scheduled production levels. 

The number of plant areas assigned to an operator var- 
ies depending on the process complexity, number of pieces 
of equipment within each process area, and the degree of 


© 2012 by Bela Liptak 







8 Process Control and Automation 


automation that is provided by the process control system. 
The plant operator normally works from a control room that 
contains an interface to the process control system. 

In many plants, control rooms are physically located 
close to process areas that are managed by operators. For 
example, if an operator is responsible for steam and electri- 
cal generation, then the control room is often located in the 
power house area of the plant. In contrast to this, for example, 
in many large refineries, control rooms have all been consoli- 
dated into a single central control room. 

In his job, the operator interacts with the control sys- 
tem to start and stop pumps, open and close valves, and 
change the operating targets maintained by the control sys- 
tem. To successfully perform these functions, the operator 
must have a thorough understanding of the process and its 
physical layout. To achieve this level of understanding, a 
plant operator may have many years of hands-on experi- 
ence with the process, often gained by starting work in the 
plant in an entry-level position known as an operator helper 
and gradually working his/her way up through various 
positions such as outside operator to the position of a plant 
operator. There may be different levels of operators within 
a control room depending on the company. To achieve cer- 
tification for an operator position, it is often necessary to 
pass formal tests on the process and associated control sys- 
tem. For example, in some plants, there will be an Operator 
III, an Operator II, and an Operator 1. To advance, it is nec- 
essary to show proficiency at the next level of operation. 

When working in the control room area, it is important to 
always remember that the plant operator is ultimately respon- 
sible for running the plant. Thus, any changes in the process or 
control system by a control or process engineer or instrument 
technician must be done with the permission of the plant opera- 
tor. In many cases, it is necessary to initiate a work order to for- 
mally request permission to make a change of any significance 
in the control system or associated instrumentation. Depending 
on the company policies, such work orders may need to be 
reviewed by a safety panel to insure that the work can be done 
without introducing a safety risk in the plant operation. 

Plant Maintenance 

Within the plant, there are normally many departments that 
support the process operation and the instrumentation and con- 
trol system. Depending on the size of the plant, there may be 
one or more maintenance shops that include instrumentation 
and control groups. Usually associated with a maintenance 
shop will be a storage area that contains spare parts and spare 
field instruments. Also, the maintenance shop may include a 
machine shop that includes the tools needed to repair valves 
and other mechanical components critical to plant operation. 

Laboratories 

One of the key objectives of a process control system is to 
maintain the product quality parameters within product 


specifications. Product quality measurements are used by the 
operator to make corrections in the process such as chang- 
ing feed flows or operating targets such as temperature that 
impact the parameter reflected in the lab test. Specialized 
analyzers or lab samples are used to provide feedback on 
the product as it is being manufactured. In cases where a 
measurement of product quality is only available from a lab, 
then there will be a delay associated with processing the lab 
sample. In many plants, specialized techniques exist to auto- 
matically adjust the process-based entries of lab analysis into 
the control system. 

Evolution of Distributed Control Systems 

By the mid-1970s, electronics had evolved to the point 
where it became possible to integrate communication tech- 
nology into the process control system. Rather than access- 
ing measurement values as current signal values, it became 
possible to digitally communicate measurement values and 
associated diagnostic information about the transmitter over 
a coax cable at fairly high baud rates. The enabling technol- 
ogy was the advent of low-cost microprocessors that could 
be programmed to provide functionality previously achieved 
using many analog components and circuits. The primary 
means of control, the proportional-integral-derivative (PID) 
controller, could be implemented in software. The electronic 
devices known as multi-loop controller were introduced to 
address multiple measurements and control requirements and 
thus eliminate the need for dedicated hardware controllers. 

Other technologies that have had a significant impact 
on control systems include low-power electronics, high- 
performance microprocessors, Ethernet, commercial oper- 
ating systems, graphics cards, software methodology, and 
low-cost PCs and storage from companies like DELL and 
EMC. Standards such as Fieldbus, Profibus, HART, Actuator 
Sensor interface (ASi), and open connectivity (OPC) moved 
suppliers away from proprietary technology toward open sys- 
tems and level playing fields. Data capture and analysis has 
also taken a big step forward. Historians’ such as that from 
open systems interconnection (OSI) and tools from Microsoft 
such as Excel have had an impact as well. 

The instrumentation used to implement automatic pro- 
cess control has gone through an evolutionary process and 
is still evolving today. In the beginning, plants used local, 
large-case pneumatic controllers; these later became min- 
iaturized and centralized onto control panels and consoles. 
Their appearance changed very little when analog electronic 
instruments were introduced. The first applications of process 
control computers resulted in a mix of the traditional ana- 
log and the newer direct digital control (DDC) equipment in 
the same control room. This mix of equipment was not only 
cumbersome but also rather inflexible because the changing 
of control configurations necessitated changes in the routing 
of wires. This arrangement gave way in the 1970s to the DCS. 

The DCS offered many advantages over its predecessors. 
For starters, the DCS distributed major control functions, 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 9 


such as controllers, Input/Output (IO), operator stations, 
historians, and configuration stations onto different boxes. 
The key system functions were designed to be redundant. As 
such, the DCS tended to support redundant data highways, 
redundant controllers, redundant IO and IO networks and 
in some cases, redundant fault-tolerant workstations. If any 
single part of the DCS fails, the plant can continue to operate. 

Much of this change has been driven by the ever increas- 
ing performance-price ratio of the associated hardware. The 
evolution of communication technology and of supporting 
components has dramatically altered the fundamental struc- 
ture of the control system. Communication technology such 
as Ethernet and TCP/UDP/IP combined with standards such 
as OPC allow third-party applications to be easily integrated 
into the control system. Also, the general acceptance of 
object-oriented design, software component design, and sup- 
porting tools for implementation have facilitated the devel- 
opment of better user interfaces and the implementation of 
reusable software. A new generation of process control sys- 
tems based on these developments has been introduced by 
major control system suppliers. These systems incorporate 
commercially available hardware, software, and communica- 
tions. They integrate IO bus technology such as Fieldbus and 
Profibus fully into the system. Batch technology, advanced 
control, and safety systems are also being included as embed- 
ded technologies within the DCS. 


These new systems are the foundation for the instrumen- 
tation and control implemented in new grass roots plants. 
Also, because of the significant operation improvements, 
including such advanced features as abnormal situation pre- 
vention, which may be achieved with such systems, they are 
quickly replacing the early DCS systems. 

With the introduction of Foundation Fieldbus, control 
functions have partially moved into the field. This move to 
further distribute control and functionality has opened the 
door to a hybrid controller. These hybrid controllers, such as 
Honeywell’s Plantscape and Emerson Process Management’s 
DeltaV, are examples of this move. 

These newer controllers are also being used as linking 
devices — connecting together multiple IO buses such as 
Fieldbus, DeviceNet, AS-Interface, HART, and convential 
IO. This is illustrated in Figure 1.2. 

The DCS, which has dominated the process control 
industry for years, known for its performance and reliability, 
first developed a large presence with many process compa- 
nies. Over the years, the DCS has become more modular and 
with the continually lowering of costs, has penetrated smaller 
installations — especially where advanced capabilities such as 
alarm management, batch, and advanced control are needed. 
It is not uncommon to see installations with a single control- 
ler, one workstation, a bus arrangement such as AS-Interface 
and Fieldbus, and a small number of conventional IO. 




FIG. 1.2 

Distributed control system architecture. 


© 2012 by Bela Liptak 








10 Process Control and Automation 


Fieldbus technology such as Fieldbus, Profibus, and 
HART has made it possible to greatly reduce the amount of 
wiring in the field. These standards have also made it possible 
to fully integrate diagnostics into devices and measurements. 
The latest wireless standards, such as WirelessHART™, have 
made it possible for users to take additional measurements, 
in some cases, capturing measurements that were in the past 
very difficult to take. Ethernet technology has made it possi- 
ble for DCS suppliers to deploy standards-based networking 
and off-the-shelf components. All of these innovations have 
given the system designer new freedom to distribute the con- 
trollers to remote control centers located near to the process 
and thus reduced the length of wiring runs to field devices. 
As a result of this distribution of the control system, the size 
of control rooms and associated construction cost has been 
reduced. In most cases, the control room only needs to be 
large enough to contain the monitors and keyboards associ- 
ated with the operators interface to the control system. The 
need for dedicated pushbutton for motor control was elimi- 
nated since these types of discrete measurement and outputs 
were integrated into the control system. As a result, it was 
possible for the operator to view and access all aspects of 
the process and the control system from the control room. 
The only remnant of the control panel that remained in many 
cases were hard wired buttons to shut down the process in 
case access to the control system is lost. 

The shift to standard off-the-shelf operator station hard- 
ware from DELL, HP, and others has had a major impact 
on the tools that are available to the operator in performing 
his job. The monitors and keyboard interfaces that are now 
provided in a DCS became their window into the process and 
their only means of working with the control system. The 
functions provided by the panel-based system have disap- 
peared from many sites. 

Many of the features of current digital control system 
such as controllers, alarming, and trending of critical process 
measurement can be traced back to these early panel-based 
systems. To ease the operator transition from a panel-based 
system to monitor-based systems, the manner in which infor- 
mation was displayed on the monitor mimicked the way this 
information appeared on the control panel. The concept of 
a controller faceplate that is used in modern operator inter- 
faces can be traced to the manner in which information was 
displayed in panel-based analog controllers. A significant 
amount of research from groups such as ASM and the Center 
for Operator Performance are now taking a second look at 
how operator interfaces and control rooms can be improved. 

Over the past 10 years, it has been common for users to 
take advantage of the flexibility of these newer DCS systems 
to improve and streamline plant operations. As part of this, 
more and more control systems are being centralized. For 
example, in a plant that previously had four or five control 
rooms each staffed with an operation, then it was possible 
to replace these with one control room. This newer control 
room is often put into a secured location in the plant. As a 
result, the number of operators needed to run the plant has 


been significantly reduced. As part of this, the scope of the 
operator has been increased to include more process units 
or process areas. This reduction in manpower was a cost 
savings for the plant. But more importantly, as a result of 
centralization, it allowed better coordination of production 
between process areas and thus resulted in improved oper- 
ating efficiency. Many companies in the process industry 
quickly adopted this technology for new installation and 
where possible upgraded existing plant with DCS. Plants that 
did not adopt this technology are having trouble competing 
with the ones that have because of the cost of having multiple 
operators and multiple operating rooms. 

Another side effect over the past 10 years has been the 
skill sets required to design, install, and maintain the control 
system. For example, since a DCS depends heavily on the use 
of digital communications and software function performed 
by microprocessors, then different skills are required to set 
up and maintain the control system. To work with the DCS, it 
has become necessary to be proficient in tools provided with 
the control system to analyze and work with communications 
and software embedded in the control system. When install- 
ing a DCS, the person responsible for the operator must be 
familiar with the display capability of the control system, and 
then design and construct displays that allow the operator to 
access process information and interact with the control sys- 
tem in the most efficient manner. Thus, the installation of a 
DCS changed nearly every aspect of the design, implementa- 
tion, checkout, operation, and maintenance. 

CONTROL SYSTEM CLASSIFICATION 

Industrial production can be broadly classified as discrete 
manufacturing and process manufacturing systems that can 
be operated in a continuous or various procedural modes. 
The actions taken in these modes to affect the process can be 
discrete or modulating control. In discrete control, quantities 
(e.g., flow or heat) are turned on or off by the opening and 
closing of final control elements (e.g., dampers, valves, and 
vanes), the starting and stopping of motors for prime movers 
(e.g., blowers, compressors, conveyors, fans, and pumps) and 
agitators, and the switching of power to electrical heaters. 
The inputs and outputs for discrete control are in one of two 
states (e.g., on or off). Discrete control decisions are based on 
procedures and logic for production and safety. The inputs 
and outputs of modulating control have a variable value (e.g., 
25%) and are often called analog inputs and analog out- 
puts even though they are implemented in digital devices. 
Feedback control loops are used to keep an input signal (con- 
trolled variable) at a target (set point) by the manipulation of 
an output signal (manipulated variable). 

In discrete manufacturing, the product is the result of 
quantized product entities (e.g., parts, pieces, bottles, or con- 
tainers) that are individually processed. Discrete manufac- 
turing systems are operated in a pure batch mode although 
the overall production line of entities traveling on a conveyor 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 11 



Typical final control elements 
set process and utility flows and production rate 


(1) Dampers, valves, and vanes 

open-close for discrete control variable position for modulating control 

(2) Blowers, compressors, conveyors, fans, grates, pumps, screws, sheet lines, spin lines 
start-stop for discrete control variable speed for modulating control 


FIG. 1.3 

Manufacturing modes, systems, and controls for process plants. 

can perhaps be viewed as a continuous line because there is a 
continual exiting of pieces. 

In process manufacturing, products are the result of 
equipment altering the properties of streams and creating 
new streams. In 99% of the industrial process control appli- 
cations, the process is affected by discrete or modulating 
control that changes the flow of a process and utility stream. 
Each stream consists of a fluid (gas, liquid, or solid) flowing 
through pipes, ducts, and equipment or traveling on convey- 
ors, grates, screws, sheet lines, and spin lines. For solids, the 
product can be particles, sheets, or fibers viewed as a con- 
tinuum that is flowing. 

Process manufacturing systems can be operated in a con- 
tinuous and batch mode. Many process plants have continu- 
ous and batch equipment in series. The types of automation 
systems and their classification as to discrete or modulating 
control are shown in Figure 1.3. 

In the continuous process mode, control-loop systems 
typically modulate the position or speed of final control ele- 
ments to set input and output flows and production rate. Fixed 
sequences are used by safety, startup, and shutdown systems 
to provide procedural discrete control. 

In the batch process mode, pure batch systems typically 
set fixed sequences and flexible recipes by procedural dis- 
crete control. Fed-batch control-loop systems modulate the 
position or speed of final control elements to set feed flows to 
improve efficiency and reduce cycle time. 

Plants often have both types of modes usually based on 
the time-to-market and volume requirements and product type 
and value. The commercialization of bench-top processes is 
most readily and quickly done by production in the batch 


mode. However, equipment operated in the continuous mode 
offers higher production rates. High value-added and small- 
volume products such as pharmaceuticals and specialty chem- 
icals tend to have equipment operating in the batch mode. For 
pharmaceuticals, time to market is also critical. Low value- 
added, mature, and large-volume products such as petro- 
chemicals and commodity chemicals usually have equipment 
operating in the continuous mode. Many plants have a combi- 
nation of batch and continuous equipment. Even when all of 
the processing is done in the continuous mode, the raw mate- 
rial and product storage tanks are operated in the batch mode. 

In the continuous mode, flows are exiting or discharging 
whenever there are flows entering to keep a constant inven- 
tory. In a batch mode, there are no exiting or discharging 
flows (discrete systems) or they are turned on and off based on 
discrete decisions made by control system logic as to whether 
the fluid has been sufficiently processed and if downstream 
equipment are ready to receive the resulting stream (process 
systems). Inventory (e.g., levels) are increasing or decreasing. 
In pure batch systems for process manufacturing, the flows 
entering the equipment are turned on and off based on dis- 
crete decisions as to whether it is the right time for the stream 
to be processed in the equipment and if upstream equipment 
are ready to provide the stream. In discrete manufacturing, 
instead of flows entering the entity, actions may be taken to 
change the geometry or properties of the solid entity. 

The decisions for the batch mode can be the result of 
fixed sequences or complex recipes. In fed-batch systems, 
the streams entering the equipment are modulated by a final 
control element to a continuum of varying flow rates rather 
than simply turned on and off. For liquids, the final control 


© 2012 by Bela Liptak 








12 Process Control and Automation 


elements are control valves and variable speed pumps. For 
gases, the final control elements are control valves, dampers, 
vanes, and variable speed blowers, fans, and compressors. 
For solids, the final control elements are variable speed rotary 
valves, conveyors, extruders, sheet lines, and spin lines. In 
general, fed-batch systems also have some part of the opera- 
tion of the equipment in a pure batch mode. As a minimum, 
the decisions as to when the final elements are modulated 
are made in a pure batch mode. The final control elements 
are typically manipulated by PID controllers to keep a pro- 
cess variable at a set point that can be varied by another PID 
controller for cascade control. Eventually, the PID controller 
operating point is determined by a set point from a sequence, 
recipe, or operator and is thus governed in a pure batch mode. 

In manufacturing systems, there are safety systems that 
take discrete actions when an abnormal situation develops 
to prevent the possibility of a hazardous event. The process 
and equipment and the monitoring and control systems are 
designed to eliminate the activation of the safety system. 

Safety Systems 

Most plants have safety instrumented systems (SIS) as auto- 
mated protective layers to reduce the risk of process opera- 
tions as shown in Figure 1.4. A safety integrity level (SIL) 
rates the severity of the potential hazard. A higher SIL 
number indicates a higher severity and great safety system 
requirements. The American National Standards Institute 
(ANSI) and the international systems automation (ISA) 
society have developed standards for the functional safety — 
safety instrumented systems for the process sector (ANSI/ 


ISA-84.00.01-2004 Parts 1, 2, and 3). These standards pro- 
vide the framework, requirements, and guidelines for the 
application of SIS and guidance for the determination of SIL. 

Many processes have flammable and harmful chemicals 
that may in some cases be explosive and lethal. The safety 
hazard can be the result of direct contact with the chemical 
or from parts of damaged process equipment. The SIS will 
initiate actions to prevent and mitigate a hazardous event if 
process variables get too high or low for safe operation. The 
discrete status of a process variable being out of a safe range 
is set by field process switches, transmitter signal switches, 
and software value switches. Examples of these switches are 
shown in Figures 1.5 through 1.7. 

Field process switches have a process connection that puts 
the process fluid in contact with the trigger mechanism or 
sensing element. Older mechanical examples are bellows or 
bourdon tube pressure switches, bimetallic or filled capillary 
temperature switches, paddle-type flow switches, and float or 
displacer level switches. Newer electronic examples include 
capacitance, ultrasonic, and microwave level switches. These 
switches don’t provide an online measurement of the pro- 
cess variable (e.g., pressure, temperature, flow, and level). 
Consequently, it is difficult to monitor their sensing ability 
or integrity online. Older mechanical switches are particu- 
larly problematic because of accuracy problems that include 
hysteresis and repeatability and wear and tear from process 
exposure and age. These switches were predominately used 
in packaged equipment and utility systems to reduce the cost 
of the instrumentation. 

Experienced users realize that the reliability and life cycle 
cost of process switches are improved by the use of continuous 


Community emergency response 
Emergency broadcasting 


Plant emergency response 
Evacuation procedures 


Mitigation 

Mechanical mitigation systems 
Safety instrumented control systems 
Safety instrumented mitigation systems 

Prevention 

Mechanical protection systems 
Process alarms with operator corrective actions 
Safety instrumented control systems 
Safety instrumented prevention systems 

Monitoring and control 
Basic process control systems 
Monitoring systems (process alarms) 
Operator supervision 

Process 


FIG. 1.4 

Protective layers for risk reduction. 


© 2012 by Bela Liptak 


1 Distributed Control Systems and Process Plants 13 



FIG. 1.5 

Field process switch. 



FIG. 1.6 

Transmitter signal switch. 



FIG. 1.7 

Software value switch. 

measurements and switches on the transmitter output signal. 
In the early days of process control, the pneumatic transmit- 
ter output (3-15 psig) went to rack mounted pneumatic pres- 
sure switches. With the advent of electronic instrumentation 
in 1970s, the electronic transmitter output (e.g., 4-20 mA dc 
or 1-5 Vdc) went to rack-mounted current or voltage switches. 

The discrete outputs of field process switches and transmit- 
ter signal switches were typically contact closures that would 
de-energize relays, motor control, and solenoid valves for pre- 
vention and mitigation of unsafe conditions. De-energization 
is normally used as the discrete output state to insure an elec- 
trical failure puts the process in a safe state. The solenoid 
valve (SV) is a three-way valve, whose operating and trip posi- 
tions are set by the energization and de-energization, respec- 
tively, of an electrical solenoid. Solenoid valves take less than 
a second to switch position. The wetted materials for the body 
and switching element are not extensive and the flow path not 
smooth enough for installing an SV on a process line. Some 
SVs are used on air, water, and other utility streams, particu- 
larly on packaged equipment. In most process applications, 
the SV is on air line of a control valve to exhaust upon de- 
energization the air to a spring return actuator to open or close 
the control valve. The spring puts the valve in the fail-safe 
position. For double acting piston actuators, dual SVs are used 
to fill and exhaust the sides of the piston to open or close the 
valves. Local air tanks are used to insure a fail-safe position. 

These safety systems are often activated by high temper- 
ature and pressure measurements but many types of online 


© 2012 by Bela Liptak 







14 Process Control and Automation 


measurements are used. These measurements need to be fast 
and reliable. 

A high SIL requires instrumentation and logic solver 
redundancy for reliability. “1 out of 2,” “2 out of 3,” or “3 out 
of 5” voting system are used with redundant measurements to 
trigger a trip. A “1 out of 2” voting system is a quite common 
method of improving the reliability of the shutdown system. If 
one measurement reaches the safety setting, a trip is initiated. 
However, this makes the plant more susceptible to false trips 
due to sensing element or transmitter problems. False trips are 
quite costly for large continuous processes. The startup after a 
trip can be difficult, require significant time, and necessitate a 
transition through process conditions that are more hazardous 
than during normal operation. Thus, minimization of trips is 
both an economic and safety issue. Consequently, a “2 out 
of 3” voting system is sometimes used, where 2 measure- 
ments have to reach the interlock system to initiate a trip. This 
voting system eliminates a false trip or disabling of the SIS 
due to a single measurement problem. A “3 out of 5” system 
requires 3 measurements out of 5 measurements to vote for 
a trip. These systems are used in nuclear reactors to protect 
against two measurement problems causing either a false trip 
or the inability to trip on a true unsafe condition. 

Continuous Processes 

A process is operating in the continuous mode if the prin- 
ciple discharge flow is nonzero during normal operation. 
In the batch process mode, the principal discharge flow is 
zero until the batch is done. This simple distinction based on 
significant implications as to the dynamic response of these 
processes is somehow lost in the complexity of automation 
systems. Processes operating in the continuous mode use 
control loops as shown in Figure 1.8 for modulating final 
control elements. 

Most of the older and higher volume processes (e.g., com- 
modity chemicals) use continuous mode operations, which 


is characterized by steady state values of the process vari- 
ables. The dynamic behavior of the process is classified as 
self-regulating. There can be long periods of quiet opera- 
tion where the process variables are drawing straight lines. 
However, continuous processes may have long lines of equip- 
ment and parallel lines (trains) of equipment. The flows of 
the parallel lines of equipment diverge from and converge to 
common points in the process, which are often surge tanks. 
Consequently, the startup, shutdown, production rate change, 
and product grade transition of any piece of equipment can 
spread to other lines and ripple through and upset the whole 
system. 

Recycle streams are process output streams that are 
returned as process input streams to recover solvent or raw 
material feeds that are not completely converted to product. 
The use of recycle streams makes processes more efficient by 
a decrease in makeup solvent, an increase in conversion, and 
a reduction in waste treatment. However, recycle streams can 
cause the dynamic response of concentrations to be integrat- 
ing. If the controller is put in manual, the process variable 
will ramp at a constant rate provided there are no distur- 
bances or load changes. 

In processes that are running in the continuous mode, 
the discharge flows from vessels are open. A level controller 
manipulates an inlet or outlet flow to keep the level constant 
except during startup, shutdown, and transitions. In surge 
tanks, an error-squared algorithm or notch gain may be used 
to reduce the correction for levels well within the tank low- 
and high-level alarm limits. This strategy reduces the vari- 
ability in feed to downstream units. If the level controller is in 
manual or is not keeping the level constant, the composition 
and temperature responses move from self-regulating to inte- 
grating to a degree dependent upon the mismatch between 
inlet and outlet flows. 

Flow and liquid pressure processes are inherently con- 
tinuous and self-regulating when in service because the flow 
out is equal to the flow into the control valve whenever the 



FIG. 1.8 

Example of a control loop for continuous and fed-batch control. The scaler block (SCLR) that convert between engineering units of appli- 
cation and % of scale used in PID algorithm is embedded hidden part of the Proportional-Integral-Derivative block ( PID ). 


© 2012 by Bela Liptak 








1 Distributed Control Systems and Process Plants 15 


valve is open. There is no change in mass inventory between 
the entrance and exit of the system. Gas pressure processes 
are usually integrating, because there is a change in mass 
inventory if the loop is in manual. An increase in pressure 
will not increase the flow out of the volume enough to match 
the flow going into the volume and vice versa. 

When there are several diverging and converging streams 
from parallel unit operations, the process can be difficult to 
analyze and control. Complicating factors such as catalyst 
activity deterioration, coating or fouling of heat transfer sur- 
faces, equipment being pushed well beyond their nameplate 
capacity, and undersized surge tanks, can lead to a system 
that is in a perpetual state of disruption. 

Some people view a continuous process as a long 
batch because the process has a beginning and an end and 
the startup and shutdown sequences are similar to batch 
sequences. This view is interesting but misleading because 
during normal operation, the level of a continuous process is 
constant and the response is self-regulating. The most impor- 
tant period, which is when the product is being produced, is 
a continuous process. 

Self-Regulating Processes 

The dynamic response of a temperature, concentration, or 
pH measurement as shown in Figure 1.9 is self-regulating for 
the continuous mode. If the controller is put in manual, the 
process variable will line out at final value provided there 
are no disturbances or load changes or recycle streams. The 
observed dead time (0 O ) is the time of no process response 
after a change in the controller output. The process time 
constant is the time to reach 63% of the final change after 
the process breaks out of the noise band with a recognizable 
response. While the terms “process dead time” and “process 



dead time time constant 

FIG. 1.9 

Self-regulating response of control loop in the continuous mode. 


time constant” are normally used, more correct terms would 
be “total loop dead time” and “open loop time constant” 
(T 0 ), respectively. The descriptor “open loop” is an important 
distinction for tuning methods that use a “closed-loop time 
constant” (x c ) called Lambda (X). which is the time to 63% 
of a set point change. Lambda is used to specify the control- 
ler’s speed of response in the automatic, cascade, or remote 
cascade mode, which is important for the coordination and 
performance of loops. In contrast, the “open-loop time con- 
stant” does not depend upon controller tuning but describes 
the response of the rest of the automation system. When a 
controller is in manual or remote output modes, there is no 
feedback control. The loop is open at the controller in the 
block diagram Figure 1.10. 

The open-loop time constant (x„) is the largest time con- 
stant in the loop (largest time constant in the block diagram 
Figure 1.10). Hopefully, the largest time constant is in the 
process, so it slows down process disturbances. 

The largest time constant can occur in the measurement 
for an excessively large sensing element time constant, trans- 
mitter damping setting, or DCS filter time setting. The larg- 
est time constant can occur in the final element if a control 
valve has a large actuator or a positioner with poor sensitiv- 
ity or a large prime mover has an undersized motor. These 
scenarios are particularly troublesome for flow and liquid 
pressure loops because these processes are so fast. Poor 
temperature sensing elements and damper installations can 
be problematic for furnace and dryer temperature and pres- 
sure loops even though their process dynamics are slower. In 
these situations, the measurement is providing an attenuated 
and slow view of the actual process variable or the final ele- 
ment is providing a slow correction of the flow. 

The total loop deadtime (0 O ) is the sum of all the dead 
times in the loop. Dead time is a problem no matter where it 
occurs because it delays either the observation or reaction to 
a disturbance. The minimum integrated absolute error (IAE) 
for loops tuned for maximum load rejection is proportional to 
the square of the total loop dead time. The peak error is pro- 
portional to the loop dead time open-loop time constant ratio. 

The process gain is the change in the measurement output 
in percentage divided by the change in controller output. The 
process gain is more properly known as the open-loop gain. 
The open-loop gain depends upon the dynamics of the final 
elements and measurements besides the dynamics. The mea- 
surement gain is inversely proportional to the measurement 
span, an important consideration in the effect of measure- 
ment setup on controller tuning. The literature rarely breaks 
down dynamics into contributing parts of an automation sys- 
tem leading to misunderstandings. 

Some responses have a time constant so slow, their 
response in the region of interest around the set point looks 
like a ramp. These processes are called “near-integrating” 
or “pseudo-integrating” processes and can be analyzed and 
tuned as if they had an integrating response as shown in 
Figure 1.11 by converting the self-regulating process gain to 
an integrating process gain. 


© 2012 by Bela Liptak 


16 


Process Control and Automation 


Delay Lag Gain 



Total observed dead time : 0 O + 0„ + Q pl + 0 p2 + 0 ml + 0 m2 + 0 C + t v + j pl + T ml + x m2 + T cl + t c2 


FIG. 1.10 

Block diagram of final control element, process, and measurement dynamics. 



dead time 


FIG. 1.11 

Integrating response of level, gas pressure, and batch control loops. 

Integrating Response 

The following process variables and processes tend to have 
an integrating response: 

• Level in vessels with pumps on discharge 

• Gas pressure in columns, dryers, and vessels 

• Composition in continuous processes with no level 
control 


• Composition in continuous processes with recycle 
streams 

• Composition of pH and temperature in batch operations 

An integrating response has no steady state. When the 
controller is in manual, the process variable will ramp at a 
rate dependent upon the unbalance. The easiest integrating 
process to visualize is the level. If the main discharge flow 
is pumped out, an increase and decrease in level will not 


© 2012 by Bela Liptak 









1 Distributed Control Systems and Process Plants 17 


appreciably increase or decrease the discharge flow, respec- 
tively. The level will ramp up or down whenever the total of 
the flows coming into the vessel does not exactly match the 
total of flows going out of the vessel. Any exact match of 
incoming and outgoing flow is temporary at best. The ramp 
rate depends upon the unbalance in these flows and the size 
of the vessel. Integrating processes are more difficult to con- 
trol but fortunately tend to be much slower giving a chance 
for the controller to catch up with a disturbance provided it is 
properly tuned to take advantage of the slow ramp rate. 

Batch Processes 

Most ingested or injected products (foods, beverages, and 
pharmaceuticals) use batch processes because quality is pre- 
dictable if the recipe is carefully followed and good and con- 
sistent quality raw materials are used. There is no retention of 
old material or build up of impurities or contaminants associ- 
ated with continuous processes since the vessel is completely 
emptied and can be clean and sterilized in between batches. 
New processes for specialty chemicals also use batch opera- 
tions because batch system is easier to develop and design 
since it essentially follows a cookbook approach. However, 
for a given size of equipment, a batch process will not pro- 
duce as much as a continuous process. As products mature 
and production capacity requirements increase, the produc- 
tion tends to move from batch to continuous mode. 

In batch processes, the liquid or solids discharge flow does 
not match the total flow coming into the vessel. Consequently, 
the liquid or solids level is rising or lowering. In pure batch 
processes, the discharge flow is shutoff until the end of the 
batch cycle when the vessel is drained. The rise or fall in 
level from the mismatch of flow going in and out changes the 
dynamic response of vessel temperature, concentration, and 


pH from self-regulating to integrating, which has important 
implications in terms of process control. 

To understand the distinctive difference between a batch 
and continuous operation, consider the preparation of a meal. 
The making of a pot of chilli in a pure batch mode is shown 
in Figure 1.12. There is a definitive sequential recipe where 
tomato sauce, beans, spice, and secret ingredients are added 
until the pot is full. The pot is cooked until the mixture 
melds, reaches a temperature, and simmers. When the peak 
flavor is reached, the pot is emptied. The pot is sampled at a 
frequency and loss in volume dependent upon the taste and 
hunger of the stirrer and whether your spouse is looking. 

A chilli process operating in the continuous mode might 
start out with a batch mode but once the chilli had reached 
peak flavor, a drain valve would be opened and a simulta- 
neous addition of ingredients would be started whose total 
flow matches the discharge flow of chilli as shown in Figure 
1.13. Getting to the balance condition is difficult but once 
you reach it, the flow and taste should be consistent. For a 
given size pot, a continuous process can produce more chilli 
because you don’t have the addition and drain times and the 
flow rate can be increased to a point commensurate with the 
heating capacity. The quality or taste might not be as good as 
a batch process because a fraction of the ingredients added 
are going out without enough simmer time, particularly as 
the production rate is increased. 

Fed-Batch Processes 

Fed-batch is termed a semi-continuous operation because 
it would simultaneously add ingredients as part of a ratio 
control scheme where the flow of each ingredient is kept in 
the proper proportion to each other as shown in Figure 1.14. 
Usually this occurs after a pre-charge of some ingredients 



FIG. 1.12 

Pure batch process mode for chilli. 


© 2012 by Bela Liptak 


18 


Process Control and Automation 



FIG. 1.13 

Continuous process mode for chilli. 



FIG. 1.14 

Fed-batch process mode for chilli. 


and heating of the mixture to operating temperature. The 
simultaneous addition continues until the pot is full at which 
time it goes into a simmer mode. While this is termed semi- 
continuous, it does not have the dynamic characteristics of a 
continuous process because the level is rising. 

The control systems for pure-batch chemical processes 
tend to not to have as many control loops as continuous con- 
trol systems. The feeds are often charged based on a weight 
or flow total basis without flow loops. Online concentration 


measurement and control is rare in chemical batch processes. 
The profiles of intermediate and product concentrations are 
largely secret. 

Pure-batch processes typically have pressure and tem- 
perature loops. The pressure is often controlled by manipula- 
tion of a gas or vent flow. Temperature usually controlled by 
manipulation of cooling or heating. We should not generalize 
that batch processes do not have as many control loops as 
continuous processes. 


© 2012 by Bela Liptak 


1 Distributed Control Systems and Process Plants 19 



FIG. 1.15 

Fed-batch cell culture bioreactor control system. 


Fed-batch control systems have feed flow loops and pH 
or concentration control loops to correct the ratio of ingredi- 
ent flows. In the case of gas-phase reactions, the gas reactant 
feed flow is often manipulated by a pressure loop that inher- 
ently corrects for the consumption of the gas reactant. 

Fed-batch cell culture bioreactors have dissolved oxygen, 
viable cell, and biomass concentration and pH loops besides 
temperature and pressure loops and in the near future will have 
glucose and glutamine concentration control loops as shown 
in Figure 1.15. This combined with air, oxygen, inert gases, 
carbon dioxide, glucose, and glutamine flow loops added up to 
a complexity seldom seen in continuous chemical processes. 

Many of the batch variables follow a batch profile (curve) 
that usually starts at a low value and reaches a peak in the 
batch due to an increase in product or by-product forma- 
tion rate. Consider a batch bioreactor with measurements of 
the process inputs (air, glucose, and reagent feed flows) and 
process outputs (pH and concentrations of dissolved oxygen, 
glucose, biomass, and product). For cell cultures, there are 


additional measurements of oxygen, inert gas, carbon diox- 
ide, glutamine feed flows, viable (live) cell concentration, 
and ammonia by-product formation. 

Profile Control 

The degree of process control determines how many of 
the measurements of process outputs follow a batch profile 
(curve). Process control loops make process outputs draw 
straight lines by transferring variability in process outputs to 
process inputs. 

A simple bioreactor example, where the media (glucose 
and nutrients) and seed cells have been pre-charged and the 
batch has reached operating temperature, illustrate the prin- 
ciple of transfer of variability that has profound implications 
not commonly recognized in the literature on process analy- 
sis, efficiency, and consistency. 

The mindset of process research, development, and 
design in universities and industry of determining process 


© 2012 by Bela Liptak 



























20 Process Control and Automation 


outputs by fixing process inputs per script is performance 
limiting and difficult to change in practice. The experimen- 
tation in research sets the path of fixing the values and tim- 
ing of additions and heating and cooling. The lack of process 
control loops in research and process development translates 
to process definitions that are deficient in basic and advanced 
process control. If there is variability in the process outputs, 
there is a more stringent effort to keep most process inputs 
fixed and improve the role of a few inputs viewed as key. 
Process engineers who have achieved particular expertise in 
orchestrating the process inputs are reluctant to give up per- 
sonal control of these inputs to a control loop and a process 
control engineer. The solution is to put a lab-optimized DCS 
with control loops and advanced control tools in the research 
lab similar to what has been done for benchtop and pilot- 
plant bioreactors. 

DISTRIBUTED CONTROL SYSTEM ARCHITECTURE 

The major components that make up a process control sys- 
tem are illustrated in Figure 1.16. The operator interface to 
the process is typically made up of standard off-the-shelf 
personal computers (PCs), PCs, standard keyboards, mice, 
and liquid crystal display (LCD) monitors. The use of custom 
keyboards and furniture for the operator interface is often not 
a viable option because of the associated cost and restrictions 
on operations. Initial fears that operators would not accept a 
standard keyboard and mouse have long been proven wrong 
by successful installations on a variety of processes. To pro- 
vide a wider view and range of control, dual or quad monitor 
arrangements are often included as part of the operator station. 
Large-screen plant overview displays are now making their 
way into many sites. Similarly, the speed, memory, and disk 


capacity of PCs has proven sufficient to address the require- 
ments of the engineering stations that are utilized for system 
configuration and diagnostics. Also, the price performance of 
PCs has driven their adaptation as application stations for the 
integration of third-party software into the control system. 
Standard operating systems such as Windows Server 2008, 
Windows XP, and Windows 7 are often preferred because of 
the broad developer support available to manufacturers. 

Equipment that the operator uses to monitor process con- 
ditions and to manipulate the set points of the process oper- 
ation is located in a central control room or distributed on 
the plant floor close to the equipment. From these locations, 
the operator can (1) view information transmitted from the 
processing area and displayed on operator displays and (2) 
change control conditions from an input device. Changing 
control conditions usually requires security privileges. The 
controlling portions of the system, which are distributed at 
various locations throughout the process area, perform two 
functions at each location: the measurement of analog vari- 
able and discrete inputs and the generation of output signals to 
actuators that can change process conditions. Input and output 
signals can be both analog and discrete. By means of electri- 
cal transmission, information is communicated between the 
central location and the remotely located controller locations. 
The communication path is either a cable from each remote 
location to the central station, or a single cable data highway 
interfacing all the remote stations — the cable in some cases 
can be a wireless connection via radio, microwave, or satellite. 

Functional Components 

DCS are made of workstations, controllers, IO Cards, IO buses, 
control networks, control technology, and a variety of applica- 
tions. Controllers are connected to field devices via analog, 


Operator interface 


Engineering stations 



Redundant 

networking 


FIG . 1.16 

Physical structure of a digital control system. 


© 2012 by Bela Liptak 









1 Distributed Control Systems and Process Plants 21 


digital, or combined analog/digital buses. The field devices, 
for example, valves, valve positioners, switches, and transmit- 
ters (e.g., temperature, pressure, level, and flow rate sensors), 
are located within the process environment and perform pro- 
cess functions such as opening or closing valves, measuring 
process parameters, etc. Smart field devices, such as the field 
devices conforming to the IO bus protocols, may also perform 
control calculations, alarming functions, and other control 
functions. The controllers hold control strategies, which often 
encompass control strategies distributed across field devices. 
Control strategies in controllers send signals over the com- 
munication lines to the field devices to control the operation of 
the process. The core functional components of process con- 
trol system may be illustrated as shown in Figure 1.17. 

Information from the field devices and the controller is 
made available over a control network to operator worksta- 
tions, data historians, report generators, centralized data- 
bases, etc. These nodes run applications that may, for example, 
enable an operator to perform functions with respect to the 
process, such as changing settings of the process control rou- 
tine, modifying the operation of the control modules within 
the controller or the field devices, viewing the current state 
of the process, viewing alarms generated by field devices and 
controllers, simulating the operation of the process for the 
purpose of training personnel or testing the process control 
software, keeping and updating a configuration database, etc. 


Process Control Networks 

The communication link for the controller and the PCs that 
make up operator, engineering, and application stations is 
a key feature of the process control system. To provide a 
deterministic communication of process alarms and values 
needed by the operation, earlier DCS systems utilized cus- 
tomer communication interface. However, these have been 
largely replaced in most process control systems by inexpen- 
sive Ethernet interfaces operating at communication rates of 
10Mbps, 100Mbps, and 1 Gbps. The limitations on the max- 
imum distance between hub and workstation can be over- 
come by using fiber-optic cables. For example, at 100Mbps, 
the distance limitations are 100 m with the twisted pair and 
2000 m with fiber cables. 

Uncertainty in communications due to packet collisions 
can be eliminated by using full-duplex switches rather than 
hubs since each interface has its own channel to transmit on. 
By designing the PC communication interface to utilize two 
Ethernet interface cards, it is possible to provide fully redun- 
dant communications. 

As was shown in Figure 1.18, the operators’ console in 
the control room can be connected through a shared com- 
munications facility (e.g., process control network consisting 
of Ethernet switches and CAT5 cable) to several distributed 
system components. These components can be located either 



Workstation 


J 


> Controller 


I/O cards 


Buses 


FIG. 1.17 

Components of a digital control system. 


© 2012 by Bela Liptak 


22 


Process Control and Automation 



FIG. 1.18 

DCS configuration. 

in rooms adjacent to the control room or out in the field. 
These distributed control units, which can be remote control- 
lers, intelligent devices such as fieldbus devices, or remote IO 
modules, can in some cases also provide a limited amount of 
display capability, low-level operator’s interface (LLOI). An 
example of this is a local panel connected to a serial device 
using a MODBUS protocol. 

A specific DCS for a particular plant is configured from 
standard building blocks that are provided by most DCS sup- 
pliers. Figure 1.18 also illustrates the categories of compo- 
nents that are available when configuring DCS systems. These 
components include the operator consoles in the central con- 
trol room, controllers, IO cards, and communications compo- 
nents. The components also include bus cards interfacing to 
Fieldbus, Profibus, DeviceNet, AS-Interface, and other buses. 

The preferred approach when laying out the control sys- 
tem is to keep the 10 with the unit and unit operations of the 
process, such as a chemical reactor or a distillation column, 
in the same physical controller. If this approach is selected, 
the process will remain under control as long as the control- 
ler is functioning. To make this scenario even more reliable, 
the controller and IO modules can be made redundant. 

Operator Console 

The viewing applications, which may run on one or more 
operator workstations, receive data from the controller appli- 
cation via the control network and display this data to process 
control engineers, operators, or users using the user inter- 
faces, and may provide any of a number of different views, 
such as an operator’s view, an engineer’s view, a maintenance 
worker’s view, etc. 


Operator display applications are typically implemented 
on a system-wide basis in one or more of the workstations 
and provide preconfigured displays to the operator or main- 
tenance persons regarding the operating state of the control 
system or the devices within the plant. Typically, these dis- 
plays take the form of alarm summary displays that receive 
alarms generated by controllers or devices within the process 
plant, control displays indicating the operating state of the 
controllers and other devices within the process plant, main- 
tenance displays indicating the operating state of the devices 
within the process plant, etc. These displays are generally 
engineered to conform to a plant standard. Often, displays 
are created through the use of objects that have an associ- 
ated graphic. The object may animate the graphic on the 
display screen based on the received data to illustrate, for 
example, that a tank is half full, to illustrate the flow mea- 
sured by a flow sensor, etc. While the information needed for 
the displays is sent from the devices or configuration data- 
base within the process plant, that information is used only 
to provide a display to the user containing that information. 
As a result, all information and programming that is used to 
generate alarms, detect problems within the plant, etc. must 
be generated by and configured within the different devices 
associated with the plant, such as controllers and field devices 
during configuration of the process plant control system. 

While error detection and other programming is useful 
for detecting conditions, errors, alarms, etc. associated with 
control loops running on the different controllers and prob- 
lems within the individual devices, it is difficult to program 
the process plant to recognize system-level conditions or 
errors that must be detected by analyzing data from different 
devices within the process plant. 


© 2012 by Bela Liptak 




1 Distributed Control Systems and Process Plants 23 


Control System Configuration 

Like any computer, distributed control equipment must be 
told what to do. Programming the process control system 
instructions is called configuring. There are several aspects 
to the configuration, the physical configuration, and the con- 
trol strategy configuration. These two activities are generally 
run in parallel and brought together as the project is engi- 
neered. The configuration database enables users to create 
and modify control strategies and download these strate- 
gies via the process control network to distributed control- 
lers, consoles, and devices. Typically, the control strategies 
are made up of interconnected function blocks, sequential 
function charts (SFC), equipment and units representations, 
etc., which perform functions within the control scheme 
based on inputs and which provide outputs to other function 
blocks and/or 10 within the control scheme. The configura- 
tion application also allows a designer to create or change 
operator interfaces, which are used by a viewing application 
to display data to an operator and to enable the operator to 
change settings, within the process control system. Each con- 
troller and, in some cases, field devices, stores and executes a 
controller application that runs the control modules assigned 
and downloaded to implement actual process control func- 
tionality. The general configuration items are illustrated in 
Figure 1.19. 


For regulated and highly critical applications, such as those 
requiring FDA certification, the configuration may be versioned. 
The version and audit trail application records all changes, who 
made the changes, and when the changes were made. 

The physical configuration requires configuring the 
nodes, cards, and devices. In many systems, this activity is 
greatly simplified using auto-sense capabilities. 

In a DCS, there must be a consistent means of represent- 
ing and referencing information. Ideally, such reference can 
be made independent of the physical device that holds this 
information. A common way to accomplish this is to concep- 
tually divide data within the control system into units that are 
assigned a unique identifier known as a tag. The S88 batch stan- 
dard defines such logical grouping of measurement, calcula- 
tion, or control as a module. When a control system follows this 
convention, then each module is assigned a tag that is unique 
within the control system. Based on this tag and the structure of 
the components in the module, it is possible for applications in 
the control system to reference any piece of information. 

DCS systems support multiple control languages. The 
control languages include function block diagrams, SFC, 
and structured text. The languages may also include ladder 
diagrams and instruction lists. Some systems may be IEC 
61131-3 compliant. Most control systems also include inter- 
locking and batch capability — in most cases, supporting S88. 



S' £t Controller-1 
— 1 AsatpedlitaKes 
— A hiigti dModfa 

s *8 

i-icoi 

CD2 

□ ICO! 

R^POl 

E 3 AB SIC 5 
: w DATASET 1 
£ £jj AS SIC 5 #2 

B~IC04 

=#POI 

S P? IrwcktFdlu Deter 
- LW;n»»i Denw Tjpe 

B- 3051 C Transmitter 

-% pt -408 Transmitters 

ffl- fr PT-402 J 

B- % PT-403 ^ 

£- 4 PT-404 
B-% PT-405 


FIG. 1.19 

Configuring physical aspects of DCS. 


© 2012 by Bela Liptak 



24 Process Control and Automation 


Some systems also support embedded advanced control and 
safety functions. The control strategies can often be mixed. 
Strategies can reference IO as well as local and remote 
parameters. 

An important feature of DCS systems is their ability to 
be upgraded on-line. Most systems have extensive support 
for holding the last value, using a default value, or moving to 
some known state. 

One of the features that make DCS so powerful is their 
algorithm library, which is already prepared and can be used 
just by calling for it. This enormously simplifies the task of the 
process control engineer, whose job is reduced to answering a 
number of questions, such as the ones listed in Table 1.2. What 
most distinguishes the DCS suppliers is the size and quality of 
their algorithm library. When it comes to implementing some 
of the more advanced control strategies, it makes all the dif- 
ference if the algorithm library includes, say, dynamic com- 
pensation lead/lag blocks for feedforward, external feedback 
for anti-windup, self-tuning, etc., not to mention the more 
demanding algorithms for analog input, statistical process 
control, fuzzy logic, or model-based optimization. 

Configuration of the control strategy often makes use of 
libraries of pre-built control logic. The pre -built control logic 
can be linked into final control strategies in which case any 
changes to the library are automatically propagated to each 
control item. Alternatively the pre-built control logic can be 
embedded or unlinked so that individual control strategies 
are unaffected by changes in the library. 

Batch and larger continuous projects take the reuse 
another step further. Following the suggestions of S88, the 
projects define strategies as a set of class-based items that 
come together as a complete class-based strategy. In these 
cases creating a control strategy from a class-based library 
item often instantiates a significant set of configuration. 
Binding these configurations to actual IOs, loops, and equip- 
ment becomes a “fill in the table” exercise. 


Input/Output Cards 

The requirements for redundancy and interfacing for I/O pro- 
cessing dictate that the process controller be a custom hard- 
ware design. Multiple processors are often used to address 
the communication and I/O processing and control execu- 
tion. Also, a real-time operating system for embedded appli- 
cations is often used to provide deterministic scheduling and 
execution of control. A large variety of I/O cards are nor- 
mally provided to address a variety of field measurements 
and actuators: 

• Analog input (isolated) 1-5 V DC, 4-20 m A 

• Analog output 4-20 mA 

• Isolated RTD input (2,3,4 wire) and thermocouple 
input (B, E, J, K, N, R, S, T) 

• Discrete input 24 V DC, 120/230 V AC 

• Discrete output 24 V DC, 120/230 V AC 

• Pulse count input 

• Pulse duration output 

Since digital transmitters and actuators that utilize a vari- 
ety of communication protocols and physical interfaces are 
available, many manufacturers offer interfaces to the most 
common buses. Also, serial interfaces cards are often sup- 
ported for interfacing to supporting systems. Examples of 
these communication interface cards are 

• HART Al-Card, 4-20 mA 

• HART AO Card, 4-20 m A Series 

• DeviceNet (Baud rate 125, 250, 500 kbit/s) 

• FOUNDATION Fieldbus 

• AS -Interface 

• Profibus DP Baud rate (9.6, 19.2, 93.75, 187.5, 500, 
1500 kbit/s) 

• Serial Interface (Modbus or Allen Bradley’s Data 
Highway Plus protocol) 


TABLE 1.2 

Distributed Control Functions Entered through Configuration 

Item Description of Configured Item 

1 Highway definition — assign names and addresses to the workstations and controllers that make up the DCS. 

2 Configure reusable configuration components and store them in a configuration library. 

3 Configure system-level items such as enumeration sets, engineering units, and alarm priorities. 

4 Configure loops, equipment, units, process cells, and areas. Make use of library as much as possible. 

5 Bind inputs and outputs in control strategy to actual IO and devices in physical hierarchy. 

6 Configure additional alarming. 

7 Assign control strategies to controllers. 

8 Configure historical values. 

9 Download configuration into controllers, workstations, IO cards, and devices. 

10 Tune parameters (gain, reset, sensitivity, ratio, etc.) and limits (alarm limits, output rate, etc.) for each control loop. 

1 1 Check out sequences. 

12 Check out first level of control strategy, displays, alarming. 

13 Run water batches checking out critical loops. If this is a batch, system begins checking out phases. 

14 Check out first level of control strategy, displays, alarming. 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 25 


In addition, some manufacturers may offer I/O cards to meet 
special requirements. For example, sequence of events (SOE) 
input cards are used to capture process-upset events coming 
directly from devices in the field. Because events are cap- 
tured and temporarily stored locally — on the SOE input card 
itself — faster recording for each of the channels on the card is 
possible. For example, events captured by an SOE input card 
are time stamped using a l A ms resolution. 

Input and output terminations are made at terminals 
that are either part of the electronic mounting frames or on 
separate terminal boards. In the latter case, there will usu- 
ally be a cable connection between the terminal board and 
the electronic controller file. Connections are usually made 
from the front of the cabinet. An alternate method is to use 
a separate termination cabinet, filled with rows of terminal 
strips. This requires extra wiring from the termination cabi- 
net over to the terminals in the remote controller cabinet, 
but it has the advantage that field wiring can be completed 
before the distributed control housings are delivered and 
installed. 

Conventional 10 

Analog I/O signals will usually be carried on shielded, 
twisted pairs of copper wire. Digital I/O can be carried on 
twisted pairs, which do not, however, have to be shielded. 
Analog signals should never be run in proximity to alternat- 
ing current wiring. The controller hies operate almost uni- 
versally on 1-5 V signals, so the most common input is a 
4-20 mA current signal, developing a 1-5 V input across a 
2500 resistor mounted on the input terminal board. Some 
DCS can accept low-level signals from resistance tempera- 
ture detectors (RTDs) and thermocouples, performing the 
signal amplification in their input electronic circuitry. A few 
systems can accept pulse input with frequencies sufficiently 
high to allow signals from turbine how meters to be used 
directly. 

Most suppliers offer some conditioning of signals. 
Taking the square root, linearizing signals derived from 
thermocouples and resistance thermometers, and dampen- 
ing noisy inputs can be selected by configuration. Some 
I/O boards provide terminals with fused 24 V DC power 
that can be used to supply a positive voltage to two-wire 
transmitters. 

Separate terminal boards may also be supplied for digi- 
tal I/O signals. Usually, optical isolation is provided. A DC 
input signal (or a rectihed AC input signal) causes a light 
emitting diode (LED) in the isolating relay to be energized. 
A photoelectric device energized from the LED actuates 
a transistor in transistor-transistor logic (TTL) input cir- 
cuitry to signal a digital input. A digital output signal is 
similarly isolated to actuate a transistor driver circuit for 
DC outputs or a triac for AC outputs. The solid-state relay 
from which the output is generated functions like a dry con- 
tact, and the output must be powered from a separate power 
source. 


Diagnostics 

Integrated diagnostics is an important feature of the DCS. 
The diagnostics cover the hardware, redundancy, communi- 
cations, control, and to some extent, the software that makes 
up the DCS. 

Redundancy 

Redundancy is another important aspect of the DCS. The DCS 
tends to have redundant communications, redundant control- 
lers, redundant 10 cards, and often redundant IO communica- 
tions. It is also possible to take redundant measurements and 
select between them during control execution using a signal 
selector. Perhaps the most important benefit of redundancy is 
the ability to online upgrade components of the control system. 

Historical Data 

The DCS usually includes the ability to collect batch, con- 
tinuous, and event data. A centrally defined history database 
is available for the storage of historical data. The value of 
any attribute, alarm of any control strategy, alert, or process 
condition can be recorded in the history database along with 
its status. In modern control systems, the data values are 
collected as an integrated feature of the system. Events are 
collected and time stamped at their source — in some cases, 
down to a few millisecond resolutions. Users and layered 
applications can retrieve the batch, continuous, and event 
data in a time-ordered fashion. For security reasons, values 
cannot be edited without leaving behind an audit trail. 

Security 

Security is a major part of the DCS. The DCS manages what 
a user is able to do by user, plant area, unit, and workstation. 
Layered applications have to be authenticated (form a ses- 
sion) before they are allowed access into the system. There 
are several aspects to security as summarized below: 

• Authentication — access to the DCS for users and lay- 
ered applications are controlled through the use of 
password-protected user accounts. 

• User — a human user of the DCS must have a user 
account on the system in order to gain access. All user 
accounts are named. User accounts have unique names 
within the scope of a site. All user accounts have a 
password, which must be provided in conjunction with 
the account name in order to start a DCS session. 

• Plant area security — a user account can be permitted 
or denied access to make changes within zero or more 
plant areas within a site. 

For each plant area where access is permitted, access can 
be restricted at runtime according to the classification of the 
runtime attribute data. For each plant area where access is 
permitted, the ability to make configuration changes can be 


© 2012 by Bela Liptak 



26 Process Control and Automation 


restricted. A user account can be permitted or denied access 
to view or modify user account and privilege information. 

In some systems, it is also possible to enable authoriza- 
tion. In these cases, a user, or, in some cases, several users 
will need to confirm by password the changing of certain 
parameters, starting/stopping a batch, etc. 

Integration 

When a new plant area is added or expanded, then the opera- 
tors of the new area may need some information about the 
existing plant to provide a coordinated operation. Similarly, 
the operators of the existing plant may need to have feedback 
from the new process area in making decision on how best 
to run the balance of the plant. In most cases, only a small 
fraction of the information in either system must be com- 
municated to support such coordination between these areas. 
Several techniques are used to integrate systems. 

The OPC Foundation has defined an industry standard for 
accessing information within a control system. Thus, many 
control systems provide OPC server capability in worksta- 
tions designed for interfacing to the plant local area network. 
OPC client applications in this station or on the network may 
access information using the path convention support by the 
control system. 

Alarms, Alerts, and Alarm Management 

A critical aspect of the DCS is its integrated alarms and 
event system. The system provides configuration, monitor- 
ing, and notification of significant system states, acknowl- 
edgements, and priority calculations. Events represent 
significant changes in state for which some action is poten- 
tially required. An active state of an event indicates that the 
condition that caused the event still exists. The acknowledge 
state of an event indicates whether an operator has provided 
acknowledgment that an event has occurred. In most systems, 
event types can also be defined. The event type specifies the 
message to be displayed to an operator for the various alarm 
states, and the associated attributes whose value should be 
captured when an event of this type occurs. Event priorities 
can also be defined. An event priority type defines the prior- 
ity of an event for each of its possible states. 

Many DCS systems now also support device and equip- 
ment alerts. Like process alarms alerts can have priority 
assigned to them, can be acknowledged, and convey informa- 
tion related to the condition that caused them. Unlike process 
alarms, however, these alerts are generated by the DCS hard- 
ware or devices and equipment external to the DCS. 

Alarms and alerts are presented to the operators in alarm 
banners and summaries. Using these specialized interfaces, 
operators can quickly observe and respond to conditions. 
They typically use these specialized displays to navigate to 
a display where they can view additional details and take 
action as appropriate. 


Operators can also suppress and filter alarms. Alarm sup- 
pression is typically used to temporarily remove alarms from 
the system for which some condition exists that the operator 
knows about (e.g., a piece of equipment has been shutdown). 
Alarm filtering provides a way for the operator to view col- 
lections of alarms. 

Alert Processing 

In 1996, the SP50 committee finished its fieldbus standards, 
including field-testing, and made the standards available in 
the form of a commercial product. The SP50 Committee 
of ISA handed the standards over to the International 
Electrotechnical Commission (IEC 1158) in the hopes that 
a worldwide fieldbus standard will be created. As part of 
SP50 alarms and events, collectively known as alerts, were 
included as part of the function block efforts. In the stan- 
dard, alarms and alerts represent state changes within func- 
tion block applications. Resources each have an alert notifier 
responsible for reporting their alert occurrences. Alerts 
objects are used to communicate the event to other devices. 

An alert notifier alleviates the need for a higher level 
device to poll function block applications to determine if 
alert conditions exist. They also relieve resource blocks, 
transducer blocks, and function blocks from the overhead 
of event notification processing so that their execution is not 
affected when an alert occurs. 

An alert notifier examines the results of resource, trans- 
ducer, and function block executions to determine if any of a 
defined set of alert states has been entered. For alarms, both 
entering and exiting alarm condition is defined as an alert 
state. When an alert occurrence has been detected, the alert 
object builds a report message, referred to as an event notifi- 
cation, and publishes it onto the network. The time at which 
the alert state was detected is included as a time stamp in the 
alert message. The reporting of alerts may be individually 
suppressed. A reply is required, which confirms receipt of 
the notification. If the reply is not received within a time-out 
period, the alert may be retransmitted. 

Alerts may also be acknowledged. Acknowledgment indi- 
cates that the alert has been processed by an interface device to 
satisfy operational interface requirements. In certain situations, 
function blocks may detect the occurrence of alerts (alarms 
and events). When they do, the associated resource alert noti- 
fier may use flexible manufacturing system (FMS) event notifi- 
cation services to notify the human interface application. 

Based on the type of alarm and event information, which 
may be reported by blocks contained in a resource, up to 
three classes of alerts may be defined in the resource: 

• Analog alert — alert used to report alarms or events 
whose associated value is floating point 

• Discrete alert — alert used to report alarms or events 
whose associated value is discrete 

• Update alert — alert used to report a change in the 
static data of the block 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 27 


A reply is required from one interface device that confirms 
receipt of the notification. If the reply is not received within a 
time-out period, the alert notifier will retransmit the notifica- 
tion. This method ensures that alert messages are not lost. 

Associated with each alarm is a time stamp that indicates 
the time when evaluation of the function block was started 
and a change in alarm state was detected, which is unre- 
ported. The time stamp value will be maintained constant 
until alert confirmation has been received — even if another 
change of state occurs. Also, the value of the associated 
parameter at the time the alert was detected is reported. 

A function block must detect the alarm condition. The 
alarm must be transported to the responsible entity, for exam- 
ple, interface device supporting human interface. The entity 
must confirm that the transport was successful. The alarm 
may require that a plant operator acknowledge that the alarm 
has been noticed, even if the condition has cleared. 

Every occurrence of an alarm must be balanced by a noti- 
fication that the alarm has cleared, or that the same alarm has 
occurred again before the clear could be reported. An alarm 
will also be cleared in a device when (1) an alarm that is 
active is disabled or (2) a block containing an active alarm is 
placed in out-of-service mode. In these cases, specific alarm 
clear messages should be generated, to allow remote alarm 
summaries to clear the alarm information for this block. 

Alarm Management 

Operator consoles maintain a list of active alarms in the 
system: 

• Registers interest in alarms/events (by plant area) in 
all other nodes in the system 

• Alarm state change events are routed to the software 
that maintains the active alarm list 

• Mechanism to regenerate active alarms in order to 
build the active alarm list in workstations starting up, 
or when additional plant areas are required 

• Background periodic alarm resynchronization mecha- 
nism to keep active alarm lists accurate (in particular, 
remove “dead” active alarm list item for alarm param- 
eters/modules/nodes that are no longer out there and 
communicating (and did not get a message out before 
they went away) 

Workstations select which alarms are eligible for inclusion in 
the workstation alarm list: 

• Must be in workstation’s “alarm scope” (set of plant 
areas) 

• Must be in current user’s “alarm scope” (set of plant 
areas that user has one or more security keys for) 

• Area level alarm filtering (per workstation) must be set 
to enable alarms from that area 

• Unit level alarm filtering (per workstation) must be set 
so if alarm is associated with a unit, that unit doesn’t 
have alarm turned off 


The workstation alarm list maintains the list in order of 
importance: 

• Unack ahead of acked 

• Then: Higher priority ahead of lower priority 

• Then: Condition still active ahead of condition 
cleared (latched) 

• Then: more recent “went active” time ahead of 
older alarms 

When alarms and alerts arrive at the operator console, they 
are first classified. Alarms and alerts can be classified into 
process alarms, device/equipment alarms, and hardware 
alarms. 

Alarms cover “traditional” process alarms: HI, LO, 
HI-HI, LO-LO, DEV, etc. They are highly configurable: 

• User configurable alarm (parameter) names 

• User configurable alarm types (alarm words, category, 
message content) 

• User configurable alarm condition (with arbitrarily 
complex logic to arrive at the alarm condition) 

• User configurable priority 

• Unlimited number per containing module 

Device alarms are from instruments, transmitters, 
valves, and equipment attached to the DCS. Relatively 
little configuration needed: 

• Limited/fixed number of distinct alarms: 

• FAILED 

• MAINTENANCE REQUIRED 

• ADVISE 

User configurable priority, and if alarm should be 
enabled or not 

Hardware alarms are triggered by the hardware compo- 
nents of the DCS (controllers, I/O cards, remote I/O com- 
munications links, redundant hardware, etc). Relatively little 
configuration is required. 

Operators interact with the alarm system through alarm 
banners and alarm summary displays. 

MEETING CONTROL PERFORMANCE REQUIREMENTS 

A key consideration for all control systems is that they 
must be able to meet control requirements. So what does 
this mean? The performance that may be achieved using a 
digital control system is determined by the control execu- 
tion rates, the delay introduced by IO processing, and the 
process dynamics. To achieve best control performance, 
the control execution rate must be set based on the pro- 
cess dynamics. For any selected module execution rate, 
the IO processing delay should be minimized and filter- 
ing provided to avoid aliasing of measurement data. As a 
guide in IO and controller design, the following must be 
addressed: 


© 2012 by Bela Liptak 



28 Process Control and Automation 


• Setting control execution rates — how this varies with 
process dynamics 

• 10 processing delay — the maximum allowable delay 
to minimize impact on control 

• Anti-aliasing filtering — requirements to support 
selectable module execution rates 

Control Execution Rates 

In most control systems, the user is allowed to configure the 
control execution rates. Typical execution rates include the 
following: 

• 100, 200, 500 ms 

• 1,2,5,10,30,60 s 

To achieve best control performance, the control execution 
rate must be set fast enough to allow the process dynamics 
to be accurately reflected in the closed loop response. The 
process dynamic of a self-regulating process may be approxi- 
mated as first order plus deadtime and the 63% response time 
is assumed to be the process deadtime plus the process time 
constant. For integrating processes, the response time may 
be assumed to be the deadtime plus the time required for a 
significant response to a change in the process input. A rule 
of thumb for setting the loop execution period is that "The 
control loop execution period should be at least four (4) times 
faster than the process response time.” 

Configuring a control loop to execute faster than four times, 
the process response time will provide little if any improve- 
ment in the control response to set point and load disturbance. 
However, the quality of control will be noticeably degraded 
when a control loop is configured to execute slower than four 
times the process response. Also, at these slower execution 
rates, the loop must be detuned to provide stable response, that 
is, proportional gain reduced and reset time increased. 

10 Processing Delays 

Another consideration in control systems is the impact 
of IO delay on control tuning and performance. Any 


delay introduced by IO processing will degrade control 
performance. However, the impact on control is large only 
if the delay is significant compared to the process response 
time. Let’s consider a fast process with a primary time con- 
stant of approximately 500 ms and a secondary time constant 
of 150ms (G=l, Tl=0.50, T2 = 0.15) — in Lambda tuning, 
the integral time is set equal to the process time constant 
(Ti = 0.5). Increases in IO delay must be offset by reducing 
the gain — this is shown in Table 1.3. 

Shaded areas are cases where the proportional gain is less 
than 1/3 the controller gain of the original case because of 
the introduction of IO or sampling delay — indicating regions 
of ineffective control. The loops used Lambda tuning for 
minimum peak error by setting the closed-loop time constant 
equal to the loop deadtime. The loop deadtime was estimated 
to be the sum of Vi of the secondary loop time constant, the 
IO delay, and Vi of the control execution time. Since the loop 
execution time is recommended to be l A the process response 
time, and then a general guideline for IO processing delay 
is “IO Processing Delay should be no more than 50% of the 
module execution period.” 

Anti-Aliasing Filtering 

It is important in IO circuits to remove unwanted interfer- 
ence such as that 50/60 Hz AC noise and lower frequency 
process noise (such as the waves on the top of tank). 
Modern A/D converters such as those provided by Texas 
instruments include an integrated digital finite impulse 
response (FIR) filter to remove noise pickup, for example, 
50/60 Hz and eliminate frequencies above the Nyquist fre- 
quency (¥i the A/D internal sample rate) of the application 
that utilizes the A/D output. A hardware filter is placed in 
front of the A/D to eliminate frequencies above Vi of the 
internal rate of the A/D. Since control loops vary in their 
execution rates, it is also important to include a filter to 
eliminate noise (usually process noise) above Vi the con- 
trol loop execution rate. For example, if the control loop 
executes at 1 s, then a filter must be set at 1/2 s. The rule 
of thumb for filters is “An A/D FIR low-pass digital fil- 
ter should support a -12dB attenuation at the control loop 


TABLE 1.3 

Monitoring and Controlling of a Process 

Tuning 

Method 

IO Delay 
(ms) 

Gain (s) 

PID Tuning 

IO Processing Delay 

Reset (s) Rate (s) 

Process Response 
Time (1) 

Control Loop 
Execution Time 

Typical PI 

0 

3.3 

0.5 — 

0.575 

0.14 


50 

1.2 

0.5 

0.625 

0.16 


too 

0.96 

0.5 — 

0.675 

0.17 


150 

0.79 

0.5 

0.725 

0.18 


Note: The process response time is the sum of the primary time constant and 0.5 x the secondary time 
constant plus the IO delay. The control execution period should be Va this response time. 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 29 


TABLE 1.4 

Sources of Process Noise 

Process Variable 

Source of Noise 

Control 
Band (%) 

Noise P-P 
Amplitude 1 (%) 

Inline effluent pH 

Radial instead of axial mixing — amplified by a steep titration 

2 

0.5 


curve and aggravated by “insufficient distance” and bubbles 

20 

50 

Vessel effluent pH 

Imperfect axial mixing — amplified by a steep titration curve and 

2 

0.1 


aggravated by “insufficient distance” 2 and bubbles 

20 

10 

Vessel product pH 3 

Imperfect axial mixing — amplified by a steep titration curve and 

0.02 

0.01 


aggravated by “insufficient distance” 1 and bubbles 

0.2 

0.1 

De-superheater temperature 

Imperfect axial mixing — aggravated by “insufficient distance” 

0.1 

0.02 


and water droplets 

1 

2 

Incinerator, dryer, and kiln 

Imperfect mixing, velocity effects, and burner pulsing — amplified 

1 

0.1 

draft pressure 

by sensitive measurement range (e.g., -0.25 to 0.25”) 

10 

10 

Boiler drum and column 

Boiling, shrink and swell, and “insufficient distance” 2 (surface 

5 

1 

sump level 

level measurements affected the most) 

20 

10 

Column reflux drum and 

Bubbles, foam, and turbulence (surface level measurements 

0.1 

0.05 

reactor level 4 

affected the most) and fluctuations in purge rate for bubblers 

1 

5 

Storage or raw material 

Turbulence (surface level measurements affected the most) and 

0.2 

0.02 

tank level 

fluctuations in purge rate for bubblers 

2 

2 

Dissolved oxygen 

Imperfect mixing and bubbles 

1 

0.5 

Liquid flow 

Erratic velocity profile, bubbles, and rangeability limit 

0.1 

0.2 


particularly for differential head meter 

5 

20 


Nyquist frequency and a minimum of -40 dB (preferably 
-60 or -70 dB) at 50 and 60 Hz.” 

So what is process noise? Noisy processes such as tank 
level measurement, kiln draft pressure, etc. may contain fre- 
quencies in the 0-10 Hz range. Since measurement devices 
sample at rates faster than this process noise, it is very likely 
that this noise will be picked up by the IO system and unless 
filtered will impact control. There are many sources of pro- 
cess noise. Several of these are included in Table 1.4. 


DIGITAL CONTROL SYSTEM NETWORKS 

DCS are deployed in a wide range of configurations from 
standalone configurations on laptops, which are primarily 
used for training and design activities to multi-zone configu- 
rations controlling an entire plant. In some cases, the DCS 
covers a wide geographic area with, for example, a portion 
of the system covering onshore operations and offshore com- 
ponents controlling platforms 10 s or even 100 s of miles off- 
shore. In many plants, the DCS has now been integrated with 
business systems providing real-time access to data, sched- 
uling, maintenance systems, etc. These configurations are 
shown in Figures 1.20 through 1.22. 

DCS Topologies 

Figure 1.20 illustrates a small system consisting of a worksta- 
tion connected to field instruments via a fieldbus. Control can 


Gateway/ 

firewall 


Plant network 



Small DCS 

Combined 
I operator and 
engineering 

Prlocess control network 


U^hJ©1— HI 


FIG. 1.20 

A small control system. 

be executed in the field instruments, the DCS controller, the 
workstation, or any combination thereof. 

Figure 1.21 illustrates a larger system consisting of 
several process areas. In this case, additional workstations 
have been added to cover multiple operators, maintenance 
functions, history collection, and integration with the plant 
network. In many cases, users are provided with remote 
access to the DCS using terminal services, usually through 
a virtual private network (VPN) connection. In more current 


© 2012 by Bela Liptak 


30 Process Control and Automation 




FIG . 1.21 

DCS with multiple plant areas. 



Remoted section of 
process control network 


Operator stations 


Remote 
data server 


I Engineering || 
station Jt 

Process control network 


Switch 
_L 


Switch 
I I — 


USa-S-m L cS] — [ol— 


HI 


Note: 

Radio/ microwave link 
needs to be at least 
1 Megbaud 


FIG. 1.22 

DCS with remote process area. 


systems, newer technologies such as VMware View are now 
being used to provide access using protocols such RDP and 
PCoIP. 

Figure 1.22 illustrates a system consisting of several pro- 
cess areas. In this case, one or more of the process areas are 


remoted from the main control system. The network con- 
necting these remote operations consists of fiber, microwave, 
and in some cases, satellite. In all of these cases, monitoring, 
history collection, and supervisory control are used. It is gen- 
erally not a good idea to attempt control over these remote 


© 2012 by Bela Liptak 




1 Distributed Control Systems and Process Plants 31 



FIG. 1.23 

Integrated plant control system. 


connections — security, sampling times, and reliability must 
be carefully considered. 

In many cases, the DCS has been fully integrated into 
the overall plant operation. It is not uncommon to see the tra- 
ditional DCS, safety systems, burner management, machine 
health, and burner management all integrated together. Many 
newer systems now fully integrate wireless technologies 
such as Wireless Highway Addressable Remote Transducer 
( WirelessHART) and lSlOO.lla. Figure 1.23 illustrates a sys- 
tem with fully integrated plant functions. Network integra- 
tion is discussed in detail later in this document. 

Corporate Network 

In most plants, a corporate network connects the plant opera- 
tions to other business units within the same company, the 
Internet, directory services, and other IT-type functions. 
A corporate network typically uses more than one type of 
media, supports multiple protocols, and is broken up into mul- 
tiple segments. Each segment can use 100 megabit per second 


(Mbps) Ethernet, 1 Gbps Ethernet, token ring networks, 
Fiber, or some other network. Connections to external net- 
works (the Internet) are over leased lines or packet-switched 
services such as frame relay. Connections to other offices are 
over either switched media (ISDN or analog modems), dedi- 
cated media (leased lines or frame relay), or the Internet. 

Plant Network 

The plant network provides plant-wide access to plant-level 
applications used across a specific site. These applications 
include applications such as plant-level historians, mainte- 
nance and device applications, etc. In many cases, a plant 
will have a preferred supplier such as DELL or HP and the 
plant network will run protocols such as TCP/IP and sup- 
port services such as dynamic host configuration protocol 
(DHCP). At this level, there will also likely be other net- 
work services such as those provided by Novell. In many 
plants, the plant backbone will be a Gigabit network, which 
carries not only digital data but also video, voice, etc. DCS 


© 2012 by Bela Liptak 





32 Process Control and Automation 


suppliers do not normally participate in the specification of 
plant networks. 

In the past, it was common for data to move from the 
control network to plant network but not the other direction. 
This is no longer true. Many plants now perform analysis, 
modeling, and scheduling at plant network level and then 
feed the data back down to control systems for use in data 
analytics packages performing online predication. Response 
time at the plant network level is in terms of many seconds. 
Communication redundancy is generally not required. 


Process Control Networks 

The process control network (PCN) consists of communica- 
tions that occur between DCS controllers, data historians, 
operator/configuration stations, safety systems, fire and gas 
protection systems, and gateways or linking devices to 10 
systems and control devices provided by other system sup- 
pliers. Data traffic on the PCN is split into localized traf- 
fic areas via switches and firewalls. These switches and 
firewalls perform no protocol conversion — they are just 
store and forward devices. Additionally, the PCN supports 
repeaters (via switches, hubs, fiber) that physically extend 
the distance of the network. The PCN supports the follow- 
ing capabilities: 

• Redundancy. 

• Message prioritization. 

• Provides functionality to respond to different types of 
messages differently depending on the state of the sys- 
tem. For example, if a message is not acknowledged 
within a fixed amount of time, the message is either 
discarded or resent. Both UDP and TCP/IP are used 
to provide functionality. 

• The PCN treats messages differently depending on 
whether the service is UDP or TCP based. UDP mes- 
sages are sent/received by fixed-sized message pools. 
TCP messages can be of any length. 

• Communications synchronization (i.e., as is used in 
Fieldbus HI) is not supported between PCN nodes. 

• Periodic, asynchronous, function block to function 
block communication is supported. Typically, the fast- 
est transfer rate of data between controllers over the 
PCN is 500 ms for unsolicited communications and 
100ms for writes. As such, the fastest outer-loop con- 
trol execution period across nodes should not exceed 
1.0s. 

• Time synchronization : Many DCS suppliers sup- 
port time synchronization via network time protocol 
(NTP). The time synchronization requirement is typi- 
cally 50 ms between nodes. 

• Firmware downloads : Most PCNs support firmware 
downloads from the main DCS database to all devices 
on the PCN. 

• Remote I/O'. Many PCNs support remote IO. 


• Alarms and alerts: Process alarms and device alerts 
from controllers and field devices can be routed to 
nodes registered for alarms and events. 

• Diagnostics: The PCN supports access to diagnostic 
data, performance data, traffic statistics, as well as 
many other pieces of diagnostics. 

It is also possible to use repeaters to extend the physical length 
of the PCN. Repeaters can take the form of switches, fiber 
optics, etc. Redundancy is supported by using two switches, 
two sets of fiber optics, etc. 

Redundancy is usually accomplished by using two sepa- 
rate communications links or networks. The primary com- 
munication link is the preferred communications path. The 
secondary link is only used for control system traffic if the 
primary has failed. Communications switchovers are nor- 
mally performed on a per node basis. For example, if Node A 
is communicating with Nodes B and C and the primary link 
to Node C fails. Node A will continue to communicate with 
Node B on the primary but will switch to the secondary link 
to communicate with Node C. There are no shared wires, 
no packet routing, and no traffic that is common between 
these two networks. During normal operation, the primary 
network carries the traffic between the PCN nodes. The pri- 
mary network and the secondary network run two indepen- 
dent protocol stacks. The NIC bind order is often used to 
determine which network a PC will use first for communi- 
cation. The binding order is set to default to the secondary 
network first. This will insure that PC -based communication 
(i.e., file transfers, printing, and any other noncontrol system 
traffic) will default to the secondary network, thus leaving 
the primary network open for DCS communication only. If 
the secondary network becomes unavailable, the primary 
will be used for all communication. 

In many PCNs, nodes are connected together via Ethernet 
switches. In these cases, Ethernet switches are used to con- 
nect multiple Ethernet nodes together to form the physi- 
cal layer of the network. Any node connected to a switch 
has the ability to communicate with any other node on the 
same switch. It is also possible to connect switches together 
to increase the number of nodes on a physical network. A 
switch also acts as repeater and can be used to extend the 
distance between Ethernet nodes. The physical arrangement 
of switches is shown in Figure 1.16. 

PCNs utilize several key techniques for communicating 
real-time data and alarms and events. A published data ser- 
vice provides a method through which a node can register to 
receive data values periodically. Published data is often pub- 
lished by exception (data is communicated when it changes 
or it exceeds some refresh timeout value). 

Alarms and events are time stamped at the source and 
published as they occur. Event “client” applications sub- 
scribe for events; the subscription requests are qualified by 
event type (alarms, control events, node events, user log-on/ 
off events, sequence of event, etc.) and by plant area. Event 
producing nodes often use a centralized event “publishing” 


© 2012 by Bela Liptak 


1 Distributed Control Systems and Process Plants 33 


service, which causes an event to be sent to all client nodes 
that have subscribed for them. Substantial event buffer- 
ing capacity exists in each node to help ensure that event 
information is captured for transmission even if the rate of 
event generation exceeds the communications capacity for 
short periods of time. In addition, many systems support a 
specialized “current state storage” facility, which can be used 
by nodes joining the network to synchronize with the system. 

Area Control Networks 

Many plants also include an area control network (ACN). 
The ACN is used to connect controllers and workstations to 
Modbus TCP/IP type networks, machine health, and other 
subsystems. The characteristics of this network are the same 
as those of the PCN. 

Field Networks 

Field Networks are used to connect field devices to control 
systems. There are more than 50 major types of instruments 
used to measure the most common process variables. The 
most prevalent types of process measurements are tem- 
perature, flow, level, pressure, and pH. There are also many 
types of discrete devices including limit switches and on/ 
off valves. Communications to this wide range of devices is 
accomplished over many types of field networks including 
conventional 10, HART, WirelessHART, Fieldbus HI, ASi, 
Profibus DP, Profibus PA, Serial, and DeviceNet. Most sys- 
tems also support a collection of propriety protocols used in 
their legacy IO systems. 

Whereas the PCN is used for supervisory control, data 
distribution between controllers, user interfaces, and data 
collection, field networks are used to scan I/O and to distrib- 
ute control loop processing amongst field devices. General 
requirements of the field networks are: 

• Periodic synchronous communications between field 
network devices to minimize deadtime jitter 

• Aperiodic asynchronous communications 

• Simplex or redundant communications 

• Message prioritization 

• Time synchronization 

• Real-time control (Fieldbus) 

Wireless Networks 

Wireless networks are now being deployed into thousands 
of sites. The wireless transmission of signals from smart 
devices eliminates the time and cost of the design, installa- 
tion, checkout, and troubleshooting of wiring. Devices can 
be easily replaced and relocated. In plants, this facilitates the 
movement of measurement instruments for troubleshooting 
and for finding optimum operating points; for example, the 
optimum location for temperature control in a fractionation 
column is the point where the greatest and most symmetrical 


change in temperature occurs with a change in reflux or steam 
flow. Also, the temperature profiles in certain sections of the 
column are more informative than those in others. Some of 
the possibilities include the following: 

• Wireless temperatures and differential pressures for 
packed absorber and distillation column hot spot and 
flow distribution analysis and control. 

• Wireless temperatures and differential pressures for 
fluidized bed reactor hot spot and flow distribution 
analysis and control. 

• Wireless pressures to debottleneck piping systems, 
monitor process filter operation, and track down the 
direction and source of pressure disturbances. 

• Wireless temperatures and flows to debottleneck cool- 
ant systems. 

• Wireless instrumentation to increase the mobility, 
flexibility, and maintainability of skids for process 
equipment service such as cleaning and sterilization. 

• Wireless instrumentations to increase the mobility, 
flexibility, and maintainability of skids for lab and 
pilot plant unit operations. (Note: skids are platforms 
of preassembled equipment, piping, and automation to 
perform unit operation.) 

Smart instruments offer an improvement in installed accu- 
racy, a reduction in drift, an increase in reliability, and the 
integration of device diagnostics. The latest advances in 
intelligent features, such as electrode impedance diagnostics 
for pH, have been put into wireless transmitters. Wireless 
transmitters eliminate the installation and maintenance cost 
of wiring and offer the mobility to optimize the measurement 
location. The significantly lower life cycle cost and faster 
speed of installation, checkout, and commissioning offers the 
opportunity to install more measurements to provide addi- 
tional process variables. Applications of smart transmitters 
can be developed in labs, such as inferential measurement of 
concentrations from conductivity and pH measurements, and 
readily connected to the control system. When the applica- 
tion has been successfully demonstrated in the lab, the wire- 
less transmitters can be directly moved to the field. These 
advantages can yield a dramatic improvement in the speed 
and scope of process information and a reduction in the trou- 
bleshooting for real and imagined problems. 

With the standardization of wireless technology, it is now 
possible to use wireless in control applications. Standards 
such as WirelessHART include significant functionality for 
performing control over wireless. The WirelessHART net- 
work has a sophisticated inherent security and redundancy 
mechanisms. Specific keys are required at both ends for a 
device to join the wireless mesh network. A rolling encryp- 
tion of messaging protects devices as they communicate. 
The self-organizing and optimizing capability of the wire- 
less network makes the setup and commissioning of a device 
fast, easy, and efficient. Simple modifications to the control 
algorithm in the DCS and exception reporting by the device 


© 2012 by Bela Liptak 



34 Process Control and Automation 


eliminate concerns about battery life and control system per- 
formance. Wireless smart devices will become the norm for 
many new plant installations. 

NETWORK INTEGRATION 

Figures 1.23 and 1.24 provide physical and logical views of 
networks in a process plant. There operating characteristics 
of the overall network must ensure that there is no unaccept- 
able risk of failure endangering safety of personnel, environ- 
ment, asset failure, or facility availability. For any potential 
disrupting condition, contingencies must be in-place for 
maintaining safe operations, including emergency shutdown 
and start-up. To meet these needs, networks are isolated by 
function and designed to meet specific requirements depend- 
ing on how a “specific network” is used. 

Network integration provides the capabilities to move 
data throughout the organization. The overall design prin- 
ciples for network integration are summarized as follows: 

• Secure: Security is the level of protection of the produc- 
tion facilities against malicious or inadvertent external 
intrusions that would threaten quality, integrity, or 
availability. Individual networks must be secured. 

• Standards: International standards and de-facto 
industry standards provide the foundation for much of 
the plants network infrastructure. 

• Availability: Availability is the percentage of time that 
a production facility functions under normal operating 
conditions. 

• Integrity: Integrity is the capability of the plants sys- 
tems to continuously supply measurements and apply 
control functions under specified quality, delivery, and 
time constraints. 

• Quality: Quality is defined as the percentage of time 
that measured values and measurement frequency are 
assured to be within the design specification. 

• Scalability: Network integration must allow for dif- 
ferent physical implementations supporting different 
plant sizes, asset maturity, and practical constraints 
(e.g., regulatory, environmental, commercial and 
financial, etc.). 

Division of Network into Process 
Network and Office Network 

Figure 1.24 provides a logical view of how networks are inte- 
grated in process plants. The office environment is where 
planning, forecasting, asset management, modeling, opti- 
mal set point computation, and some diagnostics and main- 
tenance activities are performed. The plant environment is 
where all field operations such as real-time process moni- 
toring and control, safety systems, validation of set points, 
equipment diagnostics, and maintenance of the producing 
facilities are performed. The Internet is where authorized 


users can perform activities such as remote diagnostics, data 
acquisition, and office activities as required. Direct access to 
the Internet should never be allowed from networks within 
the plant environment. 

IT Security 

The interconnection of the office and the plant environments 
exposes the overall plant to significant business risks. These 
risks can result in common mode failures of control and safe- 
guarding systems. For example, in a worse case, failure to 
secure the plant environment can result in computer virus, 
worms, or hacker infiltration of the network, resulting in per- 
sonnel injury/death, environmental damage, asset damage, 
and/or deferred production. 

Consequently, all connections between the office envi- 
ronment and the plant network (including “read-only” links 
for data historians) must be firewalled and properly secured. 
There are many standards covering security, including 
National Institute of Standards and Technology (NIST), the 
NISCC Good Practice Guide on Firewall Deployment for 
SCADA and Process Control Networks Rev 1.1 (NISCC) 
and ISA publications: ISA-TR99.00.01-2004 (Security 
Technologies for Manufacturing and Control Systems and 
ISA-TR99.00. 02-2004 (Integrating Electronic Security into 
the Manufacturing and Control Systems Environment). NIST 
provides an extensive set of recommendations that can be 
easily adopted by system suppliers to lockdown and manage 
security settings for workstations. 

Office Environment 

The office environment includes all devices, nodes, systems, 
and networks required to provide a standardized enterprise- 
wide computing/information technology environment. The 
office environment includes standard desktop PCs, mail 
servers, business applications, office networks, and data stor- 
age. The office environment, in many cases, also includes a 
high-level historian that collects and stores data for business 
and regulatory reporting, financial analysis, and plant assess- 
ment. In many cases, lab and material samples are also stored 
at this level. 

Plant Environment 

The process environment contains the monitoring, control, 
and data collection functions. Control systems include DCS 
systems, safety shutdown systems, fire and gas detection 
systems, machine health monitoring systems, and mainte- 
nance systems. It also contains specific functions to collect, 
transmit, monitor, manipulate, display, safeguard, optimize, 
and store (primary storage only) production data. In cases 
where data such as lab samples are on the other side of the 
firewall, specific gateway connections are used to transfer 
data into and out of the plant environment. The plant envi- 
ronment also often contains electrical metering systems, 


© 2012 by Bela Liptak 


1 


Distributed Control Systems and Process Plants 


35 



FIG. 1.24 

Network integration for a distributed control system. 


© 2012 by Bela Liptak 





















36 Process Control and Automation 


environmental monitoring systems, and location detection 
systems. The environment includes continuous, batch, and 
event historians. 

A key part of the plant environment is the operator, 
engineering, and maintenance workstations that are distrib- 
uted by department throughout the facility. In many plants, 
operator stations are located close to the equipment that they 
are controlling. In other environments such as many large 
refineries, control rooms have been consolidated into a single 
large control room. 

Process Control Device Connectivity 

The top level network in the process control environment is 
the plant network. The plant network interconnects all sys- 
tems, such as the electricity metering, the PCN, and gateways 
with the office domain. The connection between the plant 
environment and the office network must be secured. 

The PCN provides a backbone for maintenance stations, 
operator stations, engineering and configuration stations, his- 
torians, controllers, machine health, IO systems, and gate- 
ways. In most cases, the plant network and the PCNs will be 
connected through firewalls. More recent systems also con- 
nect all workstations into the PCN through smart switches, 
which also provide firewall capabilities. 

Process control devices are interconnected by three spe- 
cialized communication networks: 

• Field buses and conventional IO 

• Control buses 

• Process control network 

Field buses and conventional IO connect field devices 
through DCS controllers to the rest of the plant control sys- 
tems. Conventional IO is point-to-point wiring — this has 
been the standard practice for plants for many years. Field 
buses such as Fieldbus HI eliminate a significant portion of 
the wiring, enable extensive device diagnostics, and in some 
cases, enable control in the field. Most field buses provide 
power to the devices, which eliminates additional wiring. 

Recent advances in both wireless and conventional IO 
also reduce the amount of wiring in the field. In the case of 
wireless devices powered by batteries or other power sources, 
signal information is transmitted using wireless techniques. 
In the case of conventional IO, electronic marshalling will 
fundamentally change work practices for wiring, engineer- 
ing, and commissioning plants. 

A local control bus is a local backbone that interconnects 
the active control modules with other parts of the plant envi- 
ronment such as motor control centers, packaging, and mate- 
rial handling. 

Wireless Networks and Devices 

Wireless networks and wireless devices are becoming more 
common within a wide range of industries. These devices 


may introduce additional security risks and lower availability 
levels associated with wireless communications if used for 
control and safeguarding. It is important that the wireless 
technology be based on proven technology that is supported 
by a wide range of suppliers representing all world areas. 
There must be no way to disable security. 

Field Instruments 

Most current instruments are smart. Smart transmitters pro- 
vide both measurement data and diagnostic information. This 
diagnostic information can be used to monitor the health of 
the device, and to some extent, the health of the process that 
the devices are monitoring. To keep the entire system run- 
ning reliably, it is essential to monitor this information on a 
continuous basis. There are various methods to connect field 
instruments: 

• Local control bus: Field Instruments with a control 
bus interface can be connected directly to the control 
bus. Such instruments include flow computers, gas 
chromatographs, anti-surge control systems, and other 
complex field devices. 

• Field buses: Field instruments with field bus capa- 
bilities can be connected by means of a DCS con- 
troller or a linking device (Gateway). Field buses 
include Foundation Fieldbus HI, Profibus, and 
ASi. Whereas Fieldbus HI and Profibus are pri- 
marily used for continuous signals, ASi is used to 
network field sensors and actuators subject to “on- 
off-control” or “on-off-monitoring” (two-state field 
devices, such as proximity switches, on-off valves, 
and on-off indicators). 

• Conventional IO: Most IO, in particular in existing 
plants, is connected in a classic manner via a 4-20 mA 
current loop with HART to a control system. The 
HART protocol enables configuration and diagnostics 
within the device to be utilized by the plant systems. 

Equipment Packages 

Equipment packages (often referred to as skids) are often 
purchased and delivered to a site complete with their own 
control and protection systems. These packaged systems 
include functions such as gas compressors, smart electrical 
drives, switch gear, etc. Although they should preferably be 
fully integrated into the facility’s control system, this is often 
not done. There are primarily three ways of connecting these 
packaged systems: 

• Hardwiring specific IO 

• Over the local control bus using a standard such as 
Modbus TCP/IP 

• Using an open standard such as OPC 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 37 


FUTURE TRENDS 

Many changes in the control industry have often followed 
innovations occurring in other industries. Looking ahead, it 
is unlikely that technology alone will have the same degree of 
impact. So the questions are as follows: “What are the busi- 
ness drivers and how will the control system infrastructure 
evolve to support these business drivers?” 

Looking at the first question, “ What are the business driv- 
ers ?” All business performance is based on value that can 
be generated from its assets. These assets range from people 
and materials, to intellectual content to physical properties. 
Plants are becoming much more integrated with business sys- 
tems. These plants operate with much tighter requirements, 
are expected to be able to adjust production schedules in real- 
time to changes in conditions and orders, and are much more 
regulated. Achieving these objectives requires a much greater 
understanding of the process, improved understanding of the 
state of the equipment in the plant, and far better data analy- 
sis techniques. The people operating these plants will likely 
hold degrees, and in many cases advanced degrees. This 
leads to the second question, “How will the control system 
infrastructure evolve to support these business drivers?” 

The answer to this second question must be considered 
in several parts. Gaining process insight involves increased 
measurements, providing more diagnostics on the devices, 
providing diagnostics on the process that the devices are part 
of, and moving things that were in the past done manually 
on-line. For example, the first release of WirelessHART went 
a long way toward making it possible to both reach advanced 
measurements and diagnostics that are already in devices 
today and to cost effectively measure many things in the past 
that were difficult to reach. In the first case, many plant infra- 
structures today are ill-equipped to report advanced diagnos- 
tics. Wireless allows these measurements to be communicated 
on an alternative infrastructure. In other cases, the type of 
equipment, for example rotating equipment, makes it diffi- 
cult to take measurements. It is a lot easier to attach devices 
to this kind of equipment and let the wireless infrastructure 
take care of the communications. In still other cases, where 
state-of-the-art was manual measurement, wireless makes it 
cost effective to periodically take these measurements and 
communicate them. An example of this is equipment health 
and monitoring. New devices are being designed and built to 
measure vibration and communicate signals values and diag- 
nostics back online centralized systems. 

New devices often include advanced diagnostics that 
can diagnose the health of the device and in many cases, the 
health of the process that the device is connected to. It is 
not uncommon for these latest devices to include diagnostics 
that can detect plugged lines, burner flame instability, agita- 
tor loss, wet gas, orifice wear, leaks, and cavitations. These 
devices tell the user how well they are operating and when 
they need maintenance. 

To realize the benefits of these smart devices, there needs 
to be very good integration with applications and control 


systems. To facilitate this integration, field buses, for exam- 
ple, HART incorporated features such as status on measured 
values, time stamps, event latching and confirmation, block 
data transfer, and in the case of HART 7, a complete wireless 
communication system that tunes itself to match the control 
and communication demands of the control system. Better 
integration results in fewer trips into the plant, a much better 
controlled process, and significantly less downtime. 

Many new devices include multiple measurements, for 
example, a level measurement device may include both a flow 
measurement as well as discrete values providing high- and 
low-level indications. These hybrid devices are supported 
by a new discrete specification. Other new devices will 
offer asset tracking capabilities. These requirements will be 
addressed using location measurements and techniques. 

So what about control over wireless? The truth is that 
early adopters are already hard at work testing control over 
wireless. These first installations have already proven that 
good control performance can be maintained with wireless 
infrastructure. As improved wireless network scheduling 
techniques and better battery technologies are developed, 
control over wireless will be adopted by more and more 
plants. 

The control industry will continue to leverage improve- 
ments in microprocessors, networking, and system-on-chip 
capabilities. The latest improvements have enabled signifi- 
cant improvements in IO systems (Electronic 10), which in- 
turn is changing installation and work practices. Electronic 
IO provides users with considerable flexibility in assigning 
IO to controllers while at the same time significantly reduc- 
ing installation costs. 

Another major area of research that will emerge in 
products is in the area of data analytics. Data analytics will 
allow users to monitor and predict quality as the batch or 
continuous product are being manufactured — giving opera- 
tors a chance to do something about the quality as it is being 
manufactured. 

The ability to capture and store more measurements, and 
in many cases data collected and time stamped closer to the 
source, opens the door for data-intensive applications. These 
data-intensive applications will make it possible for users to 
capture, analyze, and utilize data. Already today some early 
applications such as StatSoft, Curvaceous, and Tableau are 
providing tools for analyzing and understanding data. 

Another technology area that is now beginning to have 
an impact on the control industry is search. Context specific 
search tools such as that offered by Wolfram Research are 
redefining the expectations for search. 

Usability and design are now emerging as fundamen- 
tal elements of control system design. No longer will users 
accept features that are not designed to work within some 
context. 

Open systems and commercial-off-the-shelf products 
have opened vulnerabilities in the control infrastructure. 
Major security initiatives from ISA, NIST, and others are 
showing up in the control industry. 


© 2012 by Bela Liptak 



38 Process Control and Automation 


On computing front, the shift has been from faster pro- 
cessors to multi-core chip sets. These multi-core chip sets 
will find their way into controllers and other embedded com- 
ponents. Compiler technology is now beginning to show up 
that can readily take advantage of this capability. 

Safety and the environment will continue to have an 
impact on control system technology. Leading the way on 
this will be new technologies and techniques from groups 
such as the ASM and the Center for Operator Performance 
(COP) that is making an effort to replace rules of thumb with 
scientific evidence. 


CONCLUSIONS AND COMMENTS 

Plant control systems consist of an integrated set of DCS 
systems, safety and safeguarding systems, historians, 
maintenance applications, and specialized packaged/skid 
systems. These components define the configuration capa- 
bilities, control, communications, alarms and events, diag- 
nostics, redundancy, historical data, security, and integration 
capabilities of the system. Most DCS suppliers make it easy 
to integrate multiple buses, define advanced batch, continu- 
ous, and safety strategies. They also provide support for col- 
lecting historical data and transferring that information to 
plant-wide information systems. 

When looking at the overall networking installed in 
a plant environment, it is important to differentiate the 
networking into that portion installed in the office and that 
portion installed in the plant. The office environment is 
where planning, forecasting, asset management, modeling, 
optimal set point computation, and some diagnostics and 
maintenance activities are performed. The plant environment 
is where all field operations such as real-time process moni- 
toring and control, safety systems, validation of set points, 
equipment diagnostics, and maintenance of the producing 
facilities are performed. The Internet is where authorized 
users can perform activities such as remote diagnostics, data 
acquisition, and office activities as required. Direct access to 
the Internet should never be allowed from networks within 
the plant environment. 

Many plants are now installing plant-wide backbone 
networks. In many cases, these backbone networks blur the 
boundaries between the office and the plant. That aside, it is 
critical that the interconnection of the office and the plant 
environments be protected. Failing to do so could expose 
the overall plant to significant business risks, which in a 
worse case, could result in computer virus, worm, or hacker 
infiltration of the network, resulting in personnel injury/ 
death, environmental damage, asset damage, and/or deferred 
production. 

All physical and logical connections between the office 
environment and the plant network must be firewalled and 
properly secured. 

An emerging area is data analytics. Data analytics 
allows users to monitor and predict quality as the batch or 


continuous products are being manufactured. This will give 
operators a chance to do something about the quality as it is 
being manufactured. 

An area that is now getting significant attention is the 
user interfaces for operators, maintenance personnel, and 
other plant workers. Organizations such as the ASM con- 
sortium and the COP are performing leading-edge research 
that is already changing the way user interface systems are 
designed and alarm management systems implemented. 

Newer devices now include advanced diagnostics that 
can diagnose the health of the device and in many cases, the 
health of the process that the device is connected to. These 
devices tell the user how well they are operating and when 
they need maintenance. Plant networking is evolving to sup- 
port these capabilities. 

Symbols 

T e Open-loop time constant 
X c Closed-loop time constant 
X Time to 63% of a set point change 
0 O Total loop deadtime 

Abbreviations 

ACN Area Control Network 

ANSI The American National Standards Institute 

A/D Analog to Digital Converter 

COP Centre for Operator Performance 

DCS Distributed Control Systems 

DDC Direct Digital Control 

DHCP Dynamic Host Configuration Protocol 

ERP Enterprise Resource Planning 

FIR Finite Impulse Response 

FMS Flexible Manufacturing System 

IAE Integrated Absolute Error 

IEC International Electrotechnical Commission 

ISA International Systems Automation 

IO Input/Output 

LCD Liquid Crystal Display 

LED Light Emitting Diode 

LLOI Low-Level Operator’s Interface 

MES Manufacturing Execution Systems 

NIST National Institute of Standards and Technology 

NTP Network Time Protocol 

PCN Process Control Network 

P1D Proportional-Integral-Derivative 

OPC Open Connectivity via Open Standards 

OSI Open Systems Interconnection 

RTDs Resistance Temperature Detectors 

SFC Sequential Function Charts 

SIL Safety Integrity Level 

SIS Safety Instrumented System 

SOE Sequence of Events 


© 2012 by Bela Liptak 



1 Distributed Control Systems and Process Plants 39 


SV Solenoid Valve 

TTL Transistor-Transistor Logic 

VPN Virtual Private Network 

Bibliography 

Allen, R., Local Networks, Electronic Design, April 16, 1981. 

Allen, B.S., Data highway links control equipment of any number of 
different manufacturers, Control Engineering, July 1981. 

Andrei, N., Modern Control Theory — A Historical Perspective, 
Research Institute for Informatics, Centre for Advanced 
Modeling and Optimization, Romania, 2005. http://www.ici. 
ro/camo/neculai/history.pdf 

Astrom, K.J. and Murray, R.M.. Feedback Systems: An Introduction 
for Scientists and Engineer, Princeton University Press, 
Princeton, NJ, 2008. 

Atif, Y., System Software support for distributed real-time systems. 
Journal of Systems and Software, 53(3): 245-264, 2000. 

Bissell, C.C., A history of automatic control, IEEE Control Systems, 
16: 71-78, April 1996. 

Blevins, T.L., McMillan, G.K., Wojsznis, W.K., and Brown, M.W., 
Advanced Control Unleashed, ISA, Research Triangle Park, 
NC, 2004. 

Boyes, W. and O'Brian, L., ARC and control count off the top fifty 
automation companies, Control, December 2006. 

Campelo, J.C., Rodrguez, F., Rubio, A., Ors, R., Gil, P.J., 
Lemus, L.. Busquets, J.V., Albaladejo, J., and Serrano, J.J., 
Distributed industrial control systems: A fault-tolerant archi- 
tecture, Microprocessors and Microsystems, 23(2): 103-112, 
1999. 

Fan, C.K. and Wong, T.N., Agent-based architecture for manufac- 
turing system control, Integrated Manufacturing Systems, 
14(7): 599-609, 2003. 

Franklin et ah, Feedback Control of Dynamic Systems (4th edn.), 
Prentice Hall, Upper Saddle River, NJ, 2002. 

Garrett, L.T. and McHenry, J.M., Analyzing costs of digital and 
analog control systems, Hydrocarbon Processing, 60(12): 
103-108, December 1981. 

Hawkins, W.M. and Fisher, T., Batch Control Systems — Design, 
Application, and Implementation (2nd edn.), ISA Publication, 
(Paperback June 1, 2006). 

Herb, S.M. and Moore, J.A., Understanding Distributed Process 
Control, ISA, Research Triangle Park, NC, 1987. 


IEC 61511, Safety Instrumented Systems for the Process Industry 
Sector, http://www.iec.ch 

IEC 61508, Functional Safety of Electrical/Electronic/ 
Programmable Electronic Safety-Related Systems. http://www. 
iec .ch/functionalsafety/ 

Kilian, C., Modern Control Technology, Thompson Delmar 
Learning, Albany, NY, 2005. 

Kwok, T., Advanced Workstations as DCS Operator Consoles, ISA 
Conference, Houston, TX, October 1992. 

Levine, W.S., The Control Handbook, CRC Press, New York, 
1996. 

Losavio, F. and Matteo, A., Multiagent models for designing object- 
oriented distributed systems. Journal of Object Oriented 
Programming, 13(3): 8, 2000. 

Lukas, M.P., Distributed Control Systems, Van Nostrand Reinhold 
Co., New York, 1986. 

Mahalik, N.G. and Lee, S.K, Client server-based distributed archi- 
tecture for concurrent design of DCS networks: A case study, 
Integrated Manufacturing Systems, 13(1): 47-57, 2002. 

McMillan, G.K., Essentials of Modern Measurements and Final 
Elements in the Process Industry, ISA, Research Triangle Park, 
NC, 2010. 

Myron, T.J., Digital technology in process control, Computer 
Design, 20(11): 117-128, November 1981. 

Park, J., Reveliotis, S.A., Bodner, D.A, and McGinnis, L.F., A 
distributed, event-driven control architecture for flexibly 
automated manufacturing systems, International Journal of 
Computer Integrated Manufacturing, 15(2): 109-126, 2002. 

Stockdale, R., Smart transmitter users speak out for global standard- 
ization, Control Engineering, September 1991. 

Sulzer, E. and Bertsch, M., Design and engineering of a modern 
process control system, World Cement, 28(10): 72, 1997. 

Tebbett, G., Putting the system together. Instruments and Control 
Systems, May 1983. 

Wade, H.L.. Distributed control systems manual, Applied Digital 
Research Inc., Phoenix, AZ, 1991. 

Yook, J.K., Tilbury, D.M., and Soparkar, N.R., A design methodol- 
ogy for distributed control systems to optimize performance in 
the presence of time delays. International Journal of Control, 
74(1): 58-76, 2001. 

Zama, E., Chaillet-Subias, A., and Combacau, M., An architec- 
ture for control and monitoring of discrete events systems, 
Computers in Industry, 36(1): 95-100, 1998. 


© 2012 by Bela Liptak 


